Component #11

Component #11:  Compliance 

 This section includes identifying applicable legislation, protecting intellectual property rights, protection of organizational and personal information, prevention of misuse of facilities, regulation of cryptographic controls, compliance with security policies, and audit considerations.

 The University’s Access and Privacy protection policies are described here.

 The University’s approved Acceptable Use Policy is described in Component # 3:  Asset Management.

 An approved enterprise policy on encryption of portable devices is described in Component #8: Systems Acquisition, Development and Maintenance.