New and Revised Information Security Standards

View All


Printer-friendly version PDF version

New and Revised Information Security Standards

To: All University Employees


UA Information Security Office

Subject: New and Revised Information Security Standards

Date: December 20, 2017

The Information Security Office has worked with campus stakeholders to develop two new standards and revise another standard to provide appropriate guidance in following best security practices. 

The new standards are:

Endpoint Encryption Standard (IS-S303): Created to provide guidance on protecting University data, especially Regulated and Confidential Data, as defined in the University's Data Classification and Handling Standard (IS-S302).

Security Awareness and Training Standard (IS-S401): Defines security awareness training requirements for University employees (including student employees) and Designated Campus Colleagues who have access to University information assets.   

The revised standard is: 

Manager Information Security Standard (IS-S400): Updated to provide more detailed information on best practices for supervisors to ensure that they have done their due care in securing University resources related to personnel changes.

If you have any questions, please contact the Information Security Office at 520-621-8476 or

UA@Work is produced by University Communications

Marshall Building, Suite 100. 845 N. Park Ave., Tucson, AZ 85719 (or) 
P.O. Box 210158B, Tucson, AZ 85721

T 520.621.1877  F 520.626.4121

Feedback University Privacy Statement 

2020 © The Arizona Board of Regents on behalf of the University of Arizona