Information Technology Policies, Standards, Baselines and Guidelines
Virginia Commonwealth University provides and maintains computing resources to support the University's mission critical operations of education, research, service and administration. In order to ensure that these resources are used ethically, equitably, and legally by faculty, staff and students, VCU has established certain IT policies, standards, baselines, and guidelines. All users of VCU systems, data, information and technology resources must adhere to these requirements.
Shown below is the Information Technology Policy Framework listing the IT Policies, Standards, Baselines and Guidelines. Highlighted document names contain links to view the currently published version. All current policies can also be found on the university's Policy Library. In addition, documents planned for development, in development or in the review and approval process are also listed. Links to the finalized and published documents will be provided as those documents become available. Access for IT professionals to the Information Technology Professionals Intranet can be obtained by contacting email@example.com.
The Data Managment System (dms.vcu.edu) is a tool which can be used to determine approved practices for the handling, storage, processing, and transmission of VCU data.
Information Technology Baseline
Information Technology Baselines are used by IT Professionals in conjunction with Information Technology Standards and Policies. The Baseline documents are technical documents for use by IT professionals. They contain a set of technical requirements that define the minimum required standard practices. These documents can be found in the IT Professionals Intranet (ITPI) under IT Resources - Security Baselines unless otherwise noted. Access to the IT Professionals Intranet is restricted to authorized IT professionals. IT professionals can request access by contacting firstname.lastname@example.org.
Information Technology Guideline
An information technology guideline is a recommended practice that allows some discretion or leeway in its interpretation, implementation, or use.
Information Technology Standard
An information technology standard is a formal document for an established norm of methods, criteria, and processes for technology subjects. Standards are dervied from the associated University Policy.
Key to Acronyms:
ITPI - Information Technology Professionals Intranet
NID - New in Development
NIRAP - New in Review/Approval Process
RID - Revisions in Development
RIRAP - Revisions in Review/Approval Process
TBD - To Be Developed
Information Technology Policy Framework
Media Sanitization Security Guideline (ITPI)
Research Information Security Baseline (ITPI)
Removable / Portable Storage Device Security Baseline (TBD)
System Backup Baseline (TBD)
Data Encryption Baseline (TBD)
Network Configuration and Security Baseline (ITPI)
Personnel Security Standard (NIRAP)
Active Directory Management Baseline (ITPI)
Apache Tomcat Server Configuration Baseline (ITPI)
Apache Web Server Configuration Baseline (ITPI)
Apple Desktop / Laptop Configuration Baseline (ITPI)
Application Security Baseline (ITPI)
Automated Software Distribution Baseline (ITPI)
Apple iOS Configuration Baseline (TBD)
Google Android Configuration Baseline (TBD)
Linux Desktop / Laptop Configuration Baseline (ITPI)
Linux Server Configuration Baseline (ITPI)
Microsoft IIS Web Server Configuration Baseline (ITPI)
Microsoft SQL Server Configuration Baseline (ITPI)
MySQL / MARIADB Configuration Baseline (ITPI)
Oracle Configuration Baseline (ITPI)
Public, Classroom, and Lab Computer Configuration Baseline (ITPI)
VCU IT System Pre‐Authentication Banner Text (ITPI)
Windows Desktop / Laptop Configuration Baseline (ITPI)
Windows Server Configuration Baseline (ITPI)