Help Center
Having Trouble? We are here to help.
Call: 1-855-ASU-5080 (1-855-278-5080)

Information Security Standards

Last Updated:  4/11/13 5:48:56 PM 8373-8193-4904


ASU's Information Security Office has created standards that set the minimum requirements for IT systems (endpoint, server, infrastructure, etc.) running across the University.  In addition, guidelines regarding the expected coding practices for web development have been documented.  Below is a list of these standards accompanied by brief descriptions of each.

  • System Audit Requirements Standard (logging)

    This document contains requirements for logging activities for systems that handle high-risk and/or confidential information, accept network connections, or make access control decisions.
  • Information Security Incident Response Standard
    This standard outlines the workflow, roles and responsibilities, and escalation provisions with respect to identifying and handling information security incidents at Arizona State University.
  • Data Handling Standard
    This standard outlines the responsibilities and controls required for handling all University managed information in any form.

  • Patch Management Standard
    This patch management standard describes basic patch management expectations for university systems.
  • Peer to Peer File Sharing Standard
    This document describes acceptable and prohibited uses of P2P software and protocols on ASU's network, University sanctions for prohibited uses, and responsibilities for compliance.
  • Software Development Life Cycle Information Security Standard
    This standard outlines security related responsibilities and expectations for software development that occurs at the University.
  • Secure Web Development Standard
    This standard establishes guidelines and standards for the preservation of the confidentiality, integrity and availability of University information resources associated with ASU web sites.
  • Anti-Virus Standard
    All user and server systems that utilize the University network are required to have a supported and current version of anti-virus in order to perform due diligence towards protecting University systems.

Fore more information, please review the Security Governance Section from

Improve the Help Center. Provide Feedback.
Did this article resolve your issue? *