Information Technology Policies
The policies shown and linked below are IT-related excerpts pulled from the full CMU Administrative Policies Manual. Click on the buttons to read the full policies.
3-12 Disposal or Transfer of Computers and Other Digital Assets
Ensures that CMU devices are securely wiped or destroyed before transfer or disposal.
Read the full policy3-23 Digital Communications
Defines appropriate use of CMU email and digital messaging tools.
Read the full policy3-30 Data Stewardship
Roles, classifications, and rules for safeguarding CMU data.
Read the full policy3-33 SAP Security - Authority, Rights, and Responsibilities
How SAP access is granted, approved, and limited at CMU.
Read the full policy3-38 Web Policy
Standards for CMU websites, including ownership, hosting, branding, and accessibility.
Read the full policy3-42 Information Security Policy
University-wide rules for protecting CMU data and systems.
Read the full policy3-48 Password Policy
Outlines password standards required for all systems and accounts that access CMU data.
Read the Full Policy3-49 Secure Configurations Policy - Workstations
Baseline security standards for CMU-owned computers, laptops, tablets, etc.
Read the full policy3-53 Information Security Incident Response Policy
CMU's process for investigating and mitigating security incidents.
Read the full policy3-54 Secure Configurations Policy - Printers
Baseline security standards for CMU networked printers.
Read the full policy3-57 Secure Server Configurations Policy
Baseline security standards for CMU servers.
Read the full policy