Apply
  1. U of R Home
  2. IS
  3. Information Security
  4. Information Security Policies and Standards

Information Security Policies and Standards

Information Security Standards

Information Services has published information security standards to provide a minimum, mandatory baseline at the University of Regina. These standards are based on published, external standards, such as NIST (National Institute of Standards and Technology) and ISO (The International Organization for Standardization) 27001 & 27002.  

University of Regina Policy OPS-080-005, "Use of Computer and Network Systems," requires authorized users to take appropriate security precautions to protect and secure data, and requires users to keep security measures current.  

  • The standards, below, serves the goal of the policy by providing a target for maintaining and improving information security of the University.  
Information Security Standard Audience
Password Management Standard
Authentication Management Standard
  • Owners or administrators of applications or systems which control access to University information systems or data.
  • Associated with the Password Management (OPS-050-035) policy.
Network Printer, Scanner, Fax and Multifunction Device (MFD) Security Standard
  • Owners or administrators of network printers, scanners, fax or multifunction devices.
Network Firewall Standard
Bring Your Own Device and Personally Managed Device Standard 
  • Users of personally owned or personally managed device such as,
  • smartphones, tablet and desktop computers, laptops,
  • and similar equipment is used to process University data.
Information Risk Classification Framework
  • Provides classification of information by risk (high, medium, and low), and examples of each type of data.
Data Handling Standard
  • For each risk level found in the information risk classification,
  • essential, required, and recommended controls are provided to inform the commensurate protection and controls.

Information Security Policies