Information Security Team

Information Security Policies and Standards site. Click the "Standards History" on left menu to view current Information Security Policies and Standards.

Wendy Wilde, CISSP, CISM, MSIT, | Information Security Officer & GLBA Program Officer

757-594-0704 | wendy.wilde@cnu.edu 

Karl Anderson, CISSP, MSIT, | Information Security Analyst

757-594-0708 | karl.anderson@cnu.edu 

2024 Security Awareness Training Due December 31. 2024:

Christopher Newport Information Security Policies and Standards

GROUPTYPENAMERESPONSIBLELAST UPDATE/REVIEW
VITAPOLICYVITA SEC-530 Information Security StandardVITASeptember 2023
VITAPOLICYVITA SEC-520 Risk Management StandardVITADecember 2021
VITAPOLICYVITA SEC-527 Security Awareness Training StandardVITADecember 2022
ACCOUNT MANAGEMENTSTANDARDAccount Management StandardINFORMATION SECURITYJune 2024
ACCOUNT MANAGEMENTSTANDARDUniversity Password StandardINFORMATION SECURITYJune 2024
ACCOUNT MANAGEMENTGUIDELINELocal Administrative PrivilegesINFORMATION SECURITYJune 2024
ACCOUNT MANAGEMENTPROCEDUREAccount ManagementINFORMATION SECURITYJune 2024
ACCOUNT MANAGEMENTPROCEDUREVPN Account ManagementINFORMATION SECURITYJune 2024
ACCOUNT MANAGEMENTPROCEDUREFirewall Account ManagementINFRASTRUCTUREJune 2024
ACCOUNT MANAGEMENTPROCEDUREBanner Account ManagementSYSTEMS & DATABASE OPERATIONSJune 2023
DATA GOVERNANCESTANDARDData Access StandardINFORMATION SECURITYJune 2024
DATA GOVERNANCESTANDARDData Classification StandardINFORMATION SECURITYJune 2024
DATA GOVERNANCESTANDARDData Protection StandardINFORMATION SECURITYJune 2024
DISASTER RECOVERYSTANDARDITS Disaster Recovery Plan (DRP)ITS LEADERSHIPJune 2024
DISASTER RECOVERYPROCEDUREBanner Disaster RecoverySYSTEMS & DATABASE OPERATIONSJune 2024
ENTERPRISE SERVICESSTANDARDSoftware Development Standard & RoadmapENTERPRISE SERVICESJanuary 2023
GLBASTANDARDGLBA Information Security ProgramINFORMATION SECURITYJune 2024
INCIDENT RESPONSESTANDARDSecurity Incident Response PlanITS LEADERSHIPJune 2024
INCIDENT RESPONSEPROCEDURESecurity Incident Response Plan Guidelines & ProceduresITS LEADERSHIPJune 2024
NETWORKSTANDARDNetwork Firewall StandardINFRASTRUCTUREJune 2024
NETWORKSTANDARDRemote Access & VPN StandardINFRASTRUCTUREJune 2024
POLICIESPOLICY6010 Acceptable Use of Computing ResourcesITS LEADERSHIPJuly 2024
POLICIESPOLICY6015 Unified Data PolicyITS LEADERSHIPJuly 2024
POLICIESPOLICY6035 Information Technology Change ManagementITS LEADERSHIPJuly 2024
POLICIESPOLICY6040 Remote Access & Virtual Private Network PolicyITS LEADERSHIPJuly 2024
POLICIESPOLICY6045 Information Security PolicyITS LEADERSHIPJuly 2024
RISK MANAGEMENTSTANDARDRisk Assessment StandardINFORMATION SECURITYJune 2024
RISK MANAGEMENTSTANDARDThird Party Vendor Risk Management StandardINFORMATION SECURITYJune 2024
RISK MANAGEMENTSTANDARDBusiness Continuity Plan (BCP)INFORMATION SECURITYDRAFT
RISK MANAGEMENTPROCEDURERisk Assessment Guidelines & ProceduresINFORMATION SECURITYJune 2024
RISK MANAGEMENTPOLICYThird Party Vendor Risk Mangement ProceduresINFORMATION SECURITYJune 2024
SYSTEMS & DESKTOPSTANDARDSystems Monitoring & Logging StandardINFORMATION SECURITYJune 2024
SYSTEMS & DESKTOPSTANDARDSystems & Software Patching StandardINFORMATION SECURITYJune 2024
SYSTEMS & DESKTOPSTANDARDVulnerability Assessment & Management StandardINFORMATION SECURITYJune 2024
SYSTEMS & DESKTOPSTANDARDEncryption StandardINFORMATION SECURITYJune 2024
SYSTEMS & DESKTOPGUIDELINEITS Systems & Application Hardening GuidelinesSYSTEMS & DATABASE OPERATIONSMarch 2020
SYSTEMS & DESKTOPPROCEDUREITS System Logging ProceduresSYSTEMS & DATABASE OPERATIONSFebruary 2023
TRAININGSTANDARDSecurity Awareness Training StandardINFORMATION SECURITYJune 2024
TRAININGSTANDARDRole Based Security Training StandardINFORMATION SECURITYJune 2024