Compliance

The university has a responsibility to comply with applicable legal, regulatory, and contractual requirements with respect to safeguarding university information resources.  Because the university operates in such a complex environment, a formal information security framework is necessary to promote compliance.  At UNC Charlotte, we have adopted an international standard for information security controls – ISO/IEC 27002. This standard provides the framework for our Information Security Policy and all its supporting Standards and Guidelines. 

The following checklists provide guidance for the assessment of information security compliance for university employees and systems (campus and externally hosted).

EMPLOYEE CHECKLIST FOR INFORMATION SECURITY

The Employee Checklist for Information Security acts as a guide to assist individuals in safeguarding University information resources in an appropriate manner.  More detailed information may be found in the Standards and Guidelines associated with University Policy 311 Information Security.

INFORMATION SECURITY CHECKLIST FOR CAMPUS SYSTEMS

The Information Security Checklist for campus systems should be used as a starting point to review information security related to the systems and services owned by each unit and/or college. These topic areas are supported by the Standards and Guidelines associated with University Policy 311 Information Security.

INFORMATION SECURITY CHECKLIST FOR EXTERNALLY HOSTED SYSTEMS

The Information Security Checklist for Externally Hosted Systems should be used as a starting point to review information security related to the systems and services owned by the unit, department, or college but hosted by a third party on an external network.  These topic areas are supported by the Standards and Guidelines associated with University Policy 311 Information Security.