Northeastern Policies and Legal Notices
NP 6-10 – Cyber Security Policy
Approved:
Effective:
REFERENCES: Family Educational Rights and Privacy Act, 20 U.S.C. §1232g, 34 CFR. Part 99 Gramm-Leach-Bliley Act, 15 U.S.C. 6801-6809, 16 CFR. Part 314 C.R.S. § 24-73-101–103, Protection of Personal Identifying Information Act of 2018
SP 6-10a Acceptable Use of Information Assets Procedure
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy; Board Policy (BP) 3-125; Electronic Communication Policy; System Procedure (SP) 6-10b Access and Authentication; System Procedure (SP) 6-10s, Remote Access
SP 6-10b Access and Authentication
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy
SP 6-10c Anti-virus and Anti-malware Management
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy
SP 6-10d Information Asset Management
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy System Procedure (SP) 6-10a, Acceptable Use of Information Assets System Procedure (SP) 6-10k, Data Classification, Handling, and Protection System Procedure (SP) 6-10p, IT Risk Management System Procedure (SP) 6-10t, Security Testing
SP 6-10e Audit Logging and Monitoring
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy System Procedure (SP) 6-10b, Access and Authentication System Procedure (SP) 6-10r, Physical Security and Access System Procedure (SP) 6-10q, Network Device Configuration System Procedure (SP) 6-10c, Anti-Virus and Anti-Malware Management System Procedure (SP) 6-10f, Backup and Recovery System Procedure (SP) 6-10n, Information Security Incident Response
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy System Procedure (SP) 6-10o, Information Technology Continuity
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy System Procedure (SP) 6-10a, Acceptable Use of Information Asset System Procedure (SP) 6-10e, Audit Logging and Monitoring System Procedure (SP) 6-10k, Data Classification, Handling, and Protection
SP 6-10k Data Classification, Handling, and Protection
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy
SP 6-10l Data Retention and Disposal
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy Board Policy (BP) 3-110, Records Management System Procedure (SP) 3-100, Evidence Preservation Procedure
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy
SP 6-10o Information Technology Continuity
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy System Procedure (SP) 6-10f, Backup and Recovery
SP 6-10p Information Technology Risk Management
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy
SP 6-10q Network Device Configuration
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy
SP 6-10r Physical Security and Access Procedure
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy System Procedure (SP) 6-10h, Clear Desk Procedure
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy
SP 6-10u Security Awareness Training
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy
SP 6-10v Server and Workstation Configuration
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy System Procedure (SP) 6-10b, Access and Authentication System Procedure (SP) 6-10c, Anti-Virus and Anti-Spyware Management
SP 6-10x Third Party Management
REFERENCES: Board Policy (BP) 6-10, Cyber Security Policy System Procedure (SP) 6-10a, Acceptable Use of Information Assets System Procedure (SP) 6-10s, Remote Access
Approved: