This policy aims to define rules and requirements for connecting to the OU network from any host. These rules and requirements are designed to minimize the potential exposure to OU from damages resulting from unauthorized use of OU resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical OU internal systems, and fines or other financial liabilities incurred because of those losses.
The Cybersecurity Policy defines the minimum controls and safeguards to be implemented for all information technology assets, applications, hardware systems, and network resources owned or managed by OU staff or faculty.
This policy establishes requirements for password creation, management, and protection across all account types at the University. The goal is to safeguard institutional, student, research, and regulated data in compliance with applicable laws and frameworks.
This Cybersecurity Incident Response Plan establishes the procedures for identifying, reporting, and responding to a cybersecurity event. It establishes the basic language to discuss such events, identifies roles and responsibilities involved in responding to and recovering from these events, and provides a playbook for handling these events from the time an event is detected to the post incident report and event closing.
The System Logging Policy outlines the minimum processes that must be in place to ensure access and activity are recorded and reviewed to maintain compliance with the University of Oklahoma (OU) compliance requirements.
The System Logging Standard outlines the minimum processes or configurations that must be in place to ensure access and activity is recorded and reviewed to maintain compliance with the System Logging Policy.