Search120 Results

To describe minimum requirements for members of the University of North Carolina at Chapel Hill ("University" or "UNC-Chapel Hill") experiencing a concern that might indicate a Possible Information Security Incident. To specify Information Security Incident authority and role requirements for Information Security Incident Handlers and Information Security Liaisons.

The University's Information Security Office is working to make the Information Security Program more consistent and clear. This Standard provides definitions that will apply to all Information Security Policies, Standards, and Procedures as they are updated to refer to it.

This Standard defines the minimum security standards “MSS” for Information Technology systems in use at UNC-Chapel Hill including personal and University-owned devices and third-party systems. Units within the University may apply stricter controls to protect information and technology in their areas of responsibility. The standard applies to each person in the University community and their devices. Please see the “Exceptions” section for phased implementation options through 2027.

To provide guidance for individuals and units on responsibilities for managing suppliers of Information Technology (IT) services, software, and systems. To manage risk to university information and other assets by creating clearer communication and understanding between vendors and University staff. To define required security controls monitoring activities.

The Wireless Standard provides a structure for managing the shared resource of wireless communications spectrum on the UNC-Chapel Hill campus. The UNC-Chapel Hill technology infrastructure is provided to support University operations and its mission of education, service, and research.

This policy sets up a framework for protecting University data. This framework: gives responsibilities to the stewards, managers, and custodians of University data; empowers the Enterprise Data Coordinating Committee (EDCC) to give advice about the best way to manage and protect enterprise data that still meets the University’s needs; and charges the EDCC with recommending standards and procedures for governing enterprise data.

This policy describes the terms required for use of ConnectCarolina, InfoPorte, associated reporting tools, and other University business applications (“Administrative Systems”).

The Onyen ("Only Name You'll Ever Need") is a unique identifier given to everyone affiliated with the University. The Onyen gives each person secure access to electronic resources and proves their identity if they follow this policy.

All members of the University community who engage with any University information technology (including wireless or other networks) must adhere to this Acceptable Use Policy.

This policy defines a framework for the Information Security Program. It gives direction for policies, standards, and procedures that relate to security. These documents tell us how to include information security in all the ways we work at the University of North Carolina at Chapel Hill.

The Information Classification Standard gives a structure for the University's information. This structure helps us recognize the types of University Information we handle. It makes it easier to keep the information safe. This Standard considers the University's academic culture, which values sharing information. Classifying information the right way gives everyone at the University, at every level, a structure that supports their University activities.

The University has obligations to ensure integrity and accessibility of records, and security of sensitive University information that may be sent or received via email. This policy advises individuals of their obligations to use only their University email account and not personal email accounts for University business and to manage the records resulting from that use in accordance with applicable policy, standards, and procedures.

This Standard to the Policy on Enterprise Data Governance describes each role that plays a part in governing University Data at the University of North Carolina at Chapel Hill ("University"). The roles are: Enterprise Data Coordinating Committee (EDCC); data trustees, data stewards, and data managers, who make up the Data Governance Oversight Group (DGOG); and data custodians in units across campus. This Standard also defines what kind of data makes up the University’s "enterprise data."

This standard provides structure for effective operation of data networks for the University in accordance with the UNC-Chapel Hill Data Network Policy. This document represents minimum requirements related to all forms of data networking at the University.

Requirements for all data network activities at the University. Central coordination of data networks supports the University mission of education, service, and research. It is the responsibility of ITS to coordinate, monitor, and manage University network traffic and activities. Compliance with this policy and related Standard helps our campus facilities adhere to FCC and other regulatory requirements, not disrupt statewide or larger networks, and provide robust and reliable services..