Search101 Results

This standard sets a minimum baseline for managing vulnerabilities on any UNC-Chapel Hill system required by the UNC-Chapel Hill Information Security Controls Standard to be scanned for vulnerabilities. Please see the “Exceptions” section for phased implementation through 2026.
This Standard defines the minimum security standards “MSS” for Information Technology systems in use at UNC-Chapel Hill including personal and University-owned devices and third-party systems. Units within the University may apply stricter controls to protect information and technology in their areas of responsibility. The standard applies to each person in the University community and their devices. Please see the “Exceptions” section for phased implementation options through 2027.
The University strives to create a welcoming and safe environment for all individuals. Consistent with this goal, the University will not employ individuals or appoint unpaid affiliates with prior non-expunged criminal convictions, arrests, charges or driving records (when applicable) who are determined to pose an unacceptable safety risk to the University or its employees, students and visitors.
This policy is to ensure that all purchases of goods or services made by faculty and staff at the University of North Carolina at Chapel Hill are in compliance with North Carolina law (§ 143-58) as enacted by the legislature and implemented by the State Department of Purchase and Contract.
The University of North Carolina at Chapel Hill (UNC-Chapel Hill) is a constituent institution of the University of North Carolina and an agency of the State of North Carolina and is open and responsive to information requests from the public and the news media. UNC-Chapel Hill is committed to a policy of openness, honesty, and cooperation.
This Policy outlines the requirements for the establishment of an evaluation cycle for the review of the School of Medicine’s student competencies and enabling competencies based on the School of Medicine’s curriculum and education phases.
Academic-related, off campus travel (“Academic Travel”) enhance the learning experiences of students and are integral to many courses at the University of North Carolina at Chapel Hill. This Procedure outlines the steps needed to establish an Academic Travel and minimize the risk to the University when taking students off campus.
This School of Medicine (SOM) Unit Policy establishes the mechanisms by which students, faculty, preceptors, fellows and residents learn about the SOM’s competencies, enabling competencies and learning objectives for each required learning experience.
This Policy prohibits (i) all forms of Discrimination and Harassment based on Protected Status; (ii) Sexual Violence and Sexual Exploitation, (iii) Stalking and Interpersonal Violence, which need not be based on an individual’s Protected Status; (iv) Complicity for knowingly assisting in an act that violates this Policy; and (iv) Retaliation against an individual because of their good faith participation in the reporting, investigation, or adjudication of violations of this Policy.
This Policy is promulgated for the purpose of implementing the Board of Governors’ (BOG) Policy on Conflicts of Interest and Commitment Affecting Faculty and Non-Faculty EHRA Employees.
To provide guidance for individuals and units on responsibilities for managing suppliers of Information Technology (IT) services, software, and systems. To manage risk to university information and other assets by creating clearer communication and understanding between vendors and University staff. To define required security controls monitoring activities.
To describe minimum requirements for members of the University of North Carolina at Chapel Hill ("University" or "UNC-Chapel Hill") experiencing a concern that might indicate a Possible Information Security Incident. To specify Information Security Incident authority and role requirements for Information Security Incident Handlers and Information Security Liaisons.
Failure to protect information through the use of strong passwords/pass-phrases and additional authentication methods may result in incidents that expose sensitive information and/or impact mission-critical UNC-Chapel Hill services. This Standard outlines minimum requirements for authentication mechanisms for information systems under the University's control and password strength and other requirements for accounts on University systems and accounts that use University data.
Protected Health Information (PHI) and Sensitive Information (SI) that is transmitted or received on behalf of the University of North Carolina at Chapel Hill by any Constituent must be encrypted in accordance with this Standard, which details required minimum encryption standards for University Tier 2 and Tier 3 information. Particular transmissions may require a heightened encryption requirement or consideration of additional legal or policy requirements.
This policy has three main goals: (1) To meet the needs of our students and other stakeholders; (2) To facilitate transparency and accountability about our performance to the public, and (3) To establish clear and equitable expectations and guidelines about the distribution of work among faculty members.