Information Technology Services (ITS) at the University of Nebraska has developed the following Incident Management Process in the event of the failure of an ITS-supported application or infrastructure service. The purpose of this Incident Management Process is to establish a consistent, repeatable process for ITS staff to minimize the duration and impact of University business and IT infrastructure service interruptions.
In April, 2016, on behalf of the Data Governance Council commissioned by University of Nebraska President, a working committee was formed with the primary purpose to protect the University of Nebraska (NU) and the Nebraska State College System’s (NSCS) institutional data (includes, and is not limited to, information in paper, electronic, audio, and visual formats) while preserving the open, information-sharing mission of their academic cultures. The University of Nebraska and the State College System classify institutional data in accordance with legal, regulatory, administrative, and contractual requirements; intellectual property and ethical considerations; strategic or proprietary value; and/or operational use. The following outlines identified high risk data and minimum data security requirements to protect that data.
ITS-01 Establishing Information Security Policy
ITS-02 Information Systems Change Control Policy
ITS-03 NU Risk Management Policy (Draft Under Review)
ITS-04 NU Vulnerability Management Policy (Draft Under Review)
ITS-05 NU Restricted Data Policy (Draft Under Review)