Enrollment Services Information Security Policy

The Enrollment Services at the Georgia Institute of Technology formally signed and began implementation of their unit level information security policy on Monday, December 2, 2002.

Three documents are currently associated with this policy and are available below in .PDF format.

The first reference document associated with the approved Enrollment Services Information Security Policy is a brief summary of the policy. This is an overview highlighting areas of interest.

The second document is the PowerPoint Policy Training Presentation for education and awareness surrounding the Business Office and OHR Information Security Policy. While attending a training class is mandatory, this presentation is available to ensure that the maximum amount of information possible is available.

The third document is the actual Enrollment Services policy document. The policy is also available through the subject listings below.

Enrollment Services
Information Security Policy

1. Purpose
2. Scope
3. Policy
4. Security Incident Reporting
5. Practices to Implement This Policy
6. Responsibilites
     6.1 Employees
     6.2 Enrollment Services Senior Management
7. Changes to This Policy
8. Recommended Practices and Procedures
     8.1. People/Funding
          8.1.1. Departmental Computer Support
          8.1.2. Information Security Staff
          8.1.3. Enrollment Services Staff
          8.1.4. Employee Termination and Clearance
     8.2 System/Network Management
          8.2.1 Minimize Technology Diversity
          8.2.2 Apply Patches and Updates
          8.2.3 Manage Access Control Information
          8.2.4 Logon Banners
          8.2.5 Connection and Port Control
          8.2.6 Virus/Worm Control
          8.2.7 Ancilliary Systems Backup and Disaster Recovery
          8.2.8 Physical Security
          8.2.9 Accountability and Auditing
9. Definitions