Security Policies, Standards, and Procedures
Submitted by jbelford on Thu, 07/23/2009 - 14:14
Georgia Tech maintains a set of Institute-Level policies, standards, and procedures that are intended to provide guidance on what resources should be secured, how they should be secured, and why they should be secured. The purpose of the Georgia Tech polices, standards, and procedures is not to inhibit the primary missions of the Institute, but rather to protect resources, users, and administrators alike.
** NOTE ** All policies have been move to the Institute Policy Library Page located at the following address: http://policylibrary.gatech.edu/information-technology
|Institute Level Policies
||These policies are to be applied at the Institute Level and may not be superceded by Unit-Level or lower policies. Units may draft Unit-Level policies to supplement the Institute Level policies.
||The standards provide guidance on how to implement the Institute-Level and Issue-Specific policies.
||These documents address certain processes that should be followed by the Institute. The procedures also provide guidance on how to implement processes discussed in the policies.
|Risk Assessments and Exceptions
||Contains the process and contact information for requesting an assessment and exception to Georgia Tech security policies. This process should be used if there is a legitimate business or research reason not to follow Institute Policies and Standards.
||Supporting documentation to the Georgia Tech policies, standards, and procedures including including definitions, FAQ's, tutorials, and forms.