IT Division Policy, Planning, and Assessment
The Information Technology Division (ITD) is committed to providing the technological resources necessary to create a world-class learning and teaching environment for Weber State University through careful and thoughtful planning and execution. Policies executed to allow an open and collaborative environment to protect our most vital information resources. These elements are critical in providing long-lasting, productive, and synergistic changes to the University computing environment.
Managing the vast information technology resources required to sustain staff functions and student learning can be challenging. To do this effectively, the ITD has developed and continues to refine a set of Policies, Standards, Processes, and Guidelines to govern how we do business.
Please get in touch with the Senior IT Policy & Planning Administrator if you have any questions (njarvis@weber.edu).
Policy and Procedure Manual (PPM) for the IT Division
Section 10-1 Information Security Policy
Appendix A - Roles and Responsibilities
Appendix B - Standards and Guidelines
Section 10-2 Acceptable Use Policy (AUP) of University Information Technology Resources
Section 10-3 Network Security/Firewall Policy
Section 10-4 Payment Card Handling Policy
Section 10-5 University Telecommunications Services Policy
Section 10-6 Mobile Device Policy
Section 10-7 Cloud Storage and Application Policy
Standards & Guidelines
The IT Division supports the University's Alternative Work Guidelines & Expectations
University Computing Documentation Standard
Center for Internet Security (CIS) Critical Security Controls (CSCs)
| CIS CSC 1: Inventory and Control of Enterprise Assets | CIS CSC 10: Malware Defenses |
| CIS CSC 2: Inventory and Control of Software Assets | CIS CSC 11: Data Recovery |
| CIS CSC 3: Data Protection | CIS CSC 12: Network Infrastructure Management |
| CIS CSC 4: Secure Configuration of Enterprise Assets and Software | CIS CSC 13: Network Monitoring and Defense |
| CIS CSC 5: Account Management | CIS CSC 14: Security Awareness and Skills Training |
| CIS CSC 6: Access Control Management | CIS CSC 15: Service Provider Management |
| CIS CSC 7: Continuous Vulnerability Management | CIS CSC 16: Application Software Security |
| CIS CSC 8: Audit Log Management | CIS CSC 17: Incident Response Management |
| CIS CSC 9: Email and Web Browser Protections | CIS CSC 18: Penetration Testing |
Procedures
Vulnerability Management Process (CIS CSC 7: Continuous Vulnerability Management)
Policy Actions
Note: You must be logged in to your Weber Google Apps account on the browser you use to view these forms.