The Business Office and the Office of Human Resources (OHR) at the Georgia
Institute of Technology formally signed and began implementation
of their unit level information security policy on Friday, October 11, 2002 at
9:30 am.
Two documents are currently associated with this policy and are available below in .PDF
format.
The first reference document associated with the approved Business Office and
OHR Information Security Policy is a brief summary
of the policy. This is an overview highlighting areas of interest.
The second document is the PowerPoint Policy Training Presentation for education and awareness surrounding
the Business Office and OHR Information Security Policy. While attending a training class is mandatory, this
presentation is available to ensure that the maximum amount of information possible is available.
The third document is the actual Business
Office and OHR policy document. The policy is also available through the subject listings below.
The Business Office and OHR
Information Security Policy
1. Purpose
2. Scope
3. Policy
4. Security Incident Reporting
5. Practices to Implement This Policy
6. Responsibilites
6.1 Employees
6.2 Business Office and OHR Senior Management
7. Changes to This Policy
8. Recommended Practices and Procedures
8.1. People/Funding
8.1.1. Departmental Computer Support
8.1.2. Information Security Staff
8.1.3. General Business Office Staff
8.1.4. Employee Termination and Clearance
8.2 System/Network Management
8.2.1 Minimize Technology Diversity
8.2.2 Apply Patches and Updates
8.2.3 Manage Access Control Information
8.2.4 Logon Banners
8.2.5 Connection and Port Control
8.2.6 Virus/Worm Control
8.2.7 Ancilliary Systems Backup and Disaster Recovery
8.2.8 Physical Security
8.2.9 Accountability and Auditing
9. Definitions
Home : Information Security : Architecture : Unit Level Policy : Business Office-OHR 
