Policies & Procedures

SMSU Policies and Procedures

I-001  Policy: Information Security

Pursuant to MnSCU Board Policy 5.23, it is the policy of the University to protect the security and privacy of its information resources and to make information accessible as required by law. The University shall maintain the confidentiality, integrity and availability of information resources; ensure continuity of operations; prevent, control and minimize the impact of security incidents; and manage risks to those resources regardless of the storage medium, transmission or disposal methods.

All users of University information resources are responsible for the privacy, security, and appropriate use of those resources over which they have authority, access or control, and for compliance with applicable laws, regulations, policies, procedures, and other standards.

This policy applies to all users of University information resources; and to all University information resources in any form or storage media, wherever located.

The Chief Information Officer in conjunction with the Information Security Team is charged with developing security and privacy procedures, standards and guidelines under this policy. These procedures, standards and guidelines shall be consistent with relevant policies, procedures and guidelines adopted by the MnSCU Board of Trustees and the system office.

Users who violate this policy or related System, college or university procedures shall be subject to disciplinary action through appropriate channels. Violations may be referred to appropriate law enforcement authorities. 

I-002  Policy: Computer and Network System Use and Security

Pursuant to MnSCU Board Policy 5.13, it is the policy of the University to provide appropriate access to information technology resources, including but not limited to computers, software, e-mail accounts, internet access and similar computing tools for students, faculty and staff for fulfilling their roles and responsibilities, and for appropriate related activities. These information technology resources shall be securely maintained in a manner that is consistent with the University's mission, applicable Board polices, and federal and state laws and regulations.

All users of University information technology resources are expected to use these resources responsibly and in a manner that is in compliance with applicable Board policies, and federal and state laws and regulations. Users who violate this policy may be referred to appropriate law enforcement authorities.

The Chief Information Officer is responsible for ensuring appropriate access to information technology resources and for developing guidelines, standards and procedures for the operation, use and security of these resources. In addition, the Chief Information Officer in conjunction with the Information Security Team is charged with developing information security and privacy guidelines, standards and procedures under this policy. These guidelines, standards and procedures shall be consistent with relevant policies, procedures and guidelines adopted by the MnSCU Board of Trustees and the system office including Board Policies 5.22 and 5.23.

Last Modified: 1/26/17 1:47 PM