Policy and Standards

Systemwide Information Security Policy

The Systemwide Information Security Policy is part of the new Integrated California State University Administrative Manual (ICSUAM). 

• System-wide Information Security Policy

Chico Policy 

• EM 97-18, Policy on Use of Computing and Communication Technology
• EM 07-01, Revised Policy on Use of Computing and Communication Technology for Faculty
• Password Policy

Chico Standards

• Account Management Standards (PDF)
• Application Code Development Standard (PDF)
• Data Classification and Protection Standards (PDF)
• Exception Justification (Word)
• Exchange 2007 Border Firewall Standard (PDF)
• Privileged Account Procedure (PDF)
• Remote Computing Security Standard (PDF)
• Server Security Baseline Standards (PDF)
• Shared Account Exception Procedure (PDF)
• Vulnerability Management Baseline Standards (PDF)

Plans & Reports

• Information Security Plan (PDF)
• Payment Card Industry Data Security Standard (PCI DSS) Compliance
• Identity Theft - Red Flags Program (PDF)