Information Technology (IT) is committed to providing the technological resources necessary to create a world-class learning and teaching environment for Weber State University through careful and thoughtful planning and execution. Policies executed to allow an open and collaborative environment to protect our most vital information resources. These elements are critical in providing long-lasting, productive, and synergistic changes to the University computing environment.

Managing the vast information technology resources required to sustain staff functions and student learning can be challenging. To do this effectively, IT has developed and continues to refine a set of Policies, Standards, Procedures, and Guidelines to govern how we do business.

Please get in touch with the the Project and Strategy Architect if you have any questions (njarvis@weber.edu).
 

New Policy Request  Policy Change Request  Policy Exception Request  

 

Note: You must be logged in to eWeber to view these forms.

Policy and Procedure Manual (PPM) for IT
 

Section 10-1

Information Security Policy

Section 10-2

Acceptable Use Policy (AUP) of University Information Technology Resources

Section 10-3

Network Security/Firewall Policy

Section 10-4

Payment Card Handling Policy

Section 10-5

University Telecommunications Services Policy

Section 10-6

Mobile Device Policy

Section 10-7

Cloud Storage and Application Policy

 

Standards & Guidelines

Active Directory Management Standard

Alternative Work Guidelines & Expectations

University Computing Documentation Standard

Oracle Java SE Licensing & Compliance Standard

Center for Internet Security (CIS) Critical Security Controls (CSCs)

The following appendices correspond to each CIS CSC Standard:
Appendix A: Acronyms and Abbreviations
Appendix B: Glossory

CIS CSC 1: Inventory and Control of Enterprise Assets

CIS CSC 2&15: Software Asset & Service Provider Management

CIS CSC 3: Data Management

CIS CSC 4: Secure Configuration of Enterprise Assets and Software

CIS CSC 5&6: Account Management/Access Control Management

CIS CSC 7: Continuous Vulnerability Management

CIS CSC 8: Audit Log Management

CIS CSC 9: Email and Web Browser Protections

CIS CSC 10: Malware Defense

CIS CSC 11: Data Recovery

CIS CSC 12: Network Infrastructure Management

CIS CSC 13: Network Monitoring and Defense

CIS CSC 14: Security Awareness and Skills Training

CIS CSC 16: Application Software Security

CIS CSC 17: Incident Response Management

CIS CSC 18: Penetration Testing

 

Procedures

CIS CSC 2&15: Software Asset & Service Provider Management Procedure

CIS CSC 3: Data Management Procedure

CIS CSC 4: Secure Configuration of Enterprise Assets and Software Procedure

CIS CSC 7: Continuous Vulnerability Management Procedure