Information Security

Policies, Procedures & Standards.

Report an Incident

Security Policies Procedures and Standards


Policies set forth expectations on various subjects, approved at the highest level of the organization, and designed to stand regardless of changes in people, technology, or the mission.

SEC-01 Application Security Policy

SEC-02 Disposition of IUSM Electronic Media

SEC-03 Back-up and Recovery Policy

SEC-04 Incident Response Policy

IUSM SEC-05 Security of Mobile Computing Devices

SEC-06 Electronic Mail Security Policy

SEC-07 Security of the IUSM Research Community

SEC-08 Anti-Virus Policy

SEC-09 Patch Management Policy


Procedures implement policies by providing guidance to accomplish specific tasks using tools and techniques that may vary over time.

IUSM PROC-01 Media Disposition Procedures

IUSM PROC-02 Patch Management Process

IUSM PROC-03 DMCA Complaints

Standards and Guidelines

Standards establish a baseline for accomplishing procedures.

DOD Standard on Wiping Hard Drives

Appropriate System Access Control Guideline

Laptop Standards and Specifications Worksheet

Guidance on the Protection of CRITICAL Data in IU Health Sciences

Links to University-Wide Policies

Technology Policies

CAITS Resources