Office of Information Technology

IT Procedures

Information Security Incident Response Procedures

Outlines the procedures that Information Security personnel follow in response to an information security incident.

Server Procedures for Personal Information Servers Document

Outlines required security procedures for servers that store Personal Information at SMU.

Registration Form for Servers that store Personal Information

Per the Security Procedures for Personal Information Servers, all servers which store Personal Information are required to complete a defined registration process before they may be used to store Personal Information at SMU.

Security Procedures for Personal Information Computers

Document outlining required security procedures for computers which store Personal Information at SMU.

Personal Information Storage Exception Procedures

Any device which stores Personal Information, but does not meet all applicable requirements in the "Security Procedures for Personal Information Servers" or the "Security Procedures for Personal Information Computers" must follow these exception procedures.

Exception Form for Personal Information Storage Exception

Per the Personal Information Storage Exception Procedures, certain devices which store Personal Information must be approved before they may be used to store Personal Information at SMU.

Destruction of Electronic Personal Information Data Procedures

Document describing when and how electronic Personal Information must be sanitized, and who bears associated responsibilities.

Desktop Database Security

Policy and Best Practices for Databases.

Identity Theft Prevention Program

Outlines a program that is designed to identify, detect, and mitigate identity theft in connection with SMU accounts in response to the Federal Trade Commission's "Red Flag Rules".