Policies and Standards



The university generates considerable amounts of information vital to the success of the institution. Effectively managing and protecting these information assets is critical to ensure the university is able to fulfill its objectives. The university's Information Asset Management Policy outlines the principles that govern the manner in which information assets are managed and protected. The Institutional Data Governance Practice operationalizes this policy.



Data elements identified to be critical to the operation of the university must be assigned a security classification as outlined in the Information Security Classification Standard. This standard establishes a framework for classifying information assets based on confidentiality, and for determining baseline security controls for the protection of information assets based on their confidentiality classification.