The ITS IT Policy team is focused on ensuring all IT policies and standards are up-to-date and remain credible, implementable, and enforceable over time. In the last few months, we have released an IT standard on Endpoint Security Administration (DS-23) and published a significant revision to the Network Security (DS-14) standard.
A number of IT policies and standards are queued up for revision this spring, including:
- Updating the university standard on Security Log Collection, Analysis, and Retention (DS-19) to include new requirements for security log collection.
- Revising the university standard on Access, Authorization, and Authentication Management (DS-22) to remove outdated references and include new requirements for access to U-M systems.
- Modernizing the university policy on Institutional Data Resource Management (SPG 601.12) to reflect updates to technology and the revitalized U-M Data Governance Framework.
- Revising the university policy on Information Security Incident Reporting (SPG 601.25) to make it clearer and more concise.
We encourage SULs and security community members to regularly visit the Policies Under Review page on the website of the Office of the Vice President for IT & CIO to stay up-to-date on the latest updates and revisions. We welcome your feedback at [email protected].