The Information Security Program for the UNT System Enterprise is governed by UNT System Regulation 06.1000 Information Security and the UNT System Information Security Handbook. All mandates, standards, and guidelines below support the UNT System Information Security Program.
Mandates are official orders, directives, or authorizations that act in the best interests of the UNT System Information Security Program. They must be implemented to ensure the security of our environment.
Standards outline the minimum requirements designed to address certain risks and specific requirements to ensure compliance with the UNT System Information Security Program. The UNT System Enterprise community must comply with the standards by following prescribed procedures.
IDENTIFY:
- FERPA Compliance Procedures (PDF)
- Health Information Privacy Laws Compliance Procedures (PDF)
- Compliance Requirements for IT Systems and Services
- Information Ownership
PROTECT:
- UNT System NIST 800-171 Rev 2 Standard
- Information Security Users Guide
- Standards for Granting and Removing IT Access: Guide for Users (PDF)
- Mobile Device Encryption Mandate (PDF)
- Crowdstrike Endpoint Security Solution Compliance Mandate
- Cryptographic Controls Standard
- Secure Configuration Management Standard
- Change Enablement Standard
- Vulnerability and Patch Management Standard (PDF)
- Access Control Standard
- Web Hosting Standard
- Data Loss Prevention (DLP) (Requires Authentication)
- Identity and Access Management Standard
DETECT:
RESPOND:
RECOVER:
- Disaster Recovery