Record Details

Policy Title:

Information Security Program

Policy Number:



This policy establishes the Nebraska State Colleges' Information Security Program (ISP) which ensures availability, confidentiality and integrity of NSCS Technology Resources. Collectively, these programs will constitute the Information Security Program (ISP) for the NSCS, and this NSCS ISP shall satisfy the Gramm-Leach-Bliley Act (GLBA) requirements for non-public financial data.

The policy also includes the following Information Security Program Standards:

  • Standard 1: Definitions and Related Law, Policy and References
  • Standard 2: Responsibilities, Enforcement and Exceptions
  • Standard 3: Security Training and Awareness
  • Standard 4: Information Protection
  • Standard 5: Acceptable Use Policy
  • Standard 6: Computer and Network Security
  • Standard 7: Configuration and Change Management
  • Standard 8: Email
  • Standard 9: Physical Security
  • Standard 10: Technology Resources Acquisition
  • Standard 11: Payment Card Data Protection
  • Standard 12: HIPAA Security Rules and the HITECH Act
  • Standard 13: Cloud Computing
  • Standard 14: Information Systems Security Risk Management
  • Standard 15: Bring Your Own Device (BYOD)
  • Standard 16: Incident Management
File Name: Policy_7003.pdf
File Size: 101,069 KB