Fayetteville Policies and Procedures: Policy Update
The U of A has updated the Fayetteville Policies and Procedures for 921.0 Data Classification.
The data classification policy has been adopted to replace a former policy on the same subject, classifying data into four categories based on levels of sensitivity and to assign oversight responsibilities to the campus information security officer.
The new data classification policy, combined with other recently adopted policies around the use of information technology (listed below), will better align the U of A with best practices and with the standards issued by the National Institute of Standards and Technology (NIST):
- 911.0 Data Security Incident Response
- 912.0 Highly Sensitive Data Clean Desk and Clear Screen Policy
- 913.0 Information Security Policy Exemption
- 924.0 Data Disposal
- 925.0 Backup and Recovery Systems
- 926.0 Data Loss Prevention
- 933.0 Antivirus and Anti-Spyware Requirements and Virus Reporting
- 936.0 Mobile Device Security
- 946.0 Privileged Access to Sensitive University Data and Data Systems: Device Administrator Restrictions
All other information technology policies have been renumbered to be included in a new 900 series of policies. No changes have been made to the policies.
|
Previous Policy |
New Policy |
Title |
|
201.0 |
Code of Computing Practices |
|
|
202.0 |
IT Services supported software |
|
|
309.6 |
Acquisition of Enterprise Systems |
|
|
727.0 |
Telephone use |
|
|
223.0 |
UARKnet organization |
|
|
729.0 |
UARKnet connection |
|
|
709.0 |
Fiber optic cable management |
Contacts
Rifi Raindriati, assistant to executive vice chancellor
Division of Finance and Administration
479-575-5828,
rnraindr@uark.edu