ITS Policies

The ITS Information Security Policies and Security Standards define the requirements and guidelines of information security in supporting the mission of the university while fostering an environment to protect the university community from cyber threats that may compromise the confidentiality, integrity, and availability of all information assets.

Federal, local, and state laws, policies, and regulations not specific to information technology may also apply.

Acceptable Use Policy (effective 5/2017) outlines the generally acceptable behavior on the LMU network.
Administrator Access Policy (effective 6/2003) outlines when administrative rights to LMU-managed computers can be granted.
Data Classification Framework (effective 7/1/2020) provides a framework for managing data assets based on value and associated risks and for applying the appropriate levels of protection.
Electronic Signature Policy (effective 11/2019) defines the requirements for electronic signatures at LMU.
ITS Access Controls Security Standard (effective 7/2021) outlines the appropriate access to different types of information, and by what means, to protect the confidentiality, integrity, and availability of LMU’s information.
ITS Information Security Policy (effective 7/2020) outlines the information security responsibilities and guidelines for LMU employees and LMU network users.
ITS Minimum Security Standards (effective 7/2020) defines the minimum level of security protection requirements for devices connected to university networks.
ITS System Maintenance Security Standard (effective 1/2021) states when system maintenance on technology systems occurs. ITS maintenance windows are published on the ITS System Maintenance Window Calendar for 2024.
Privacy Policy (effective 3/2024) outlines how LMU collects, uses, shares, and otherwise processes information relating to individuals (“Personal Data”) and your rights and choices regarding our processing of your Personal Data.