Policies consist of high level statements and assigned roles and responsibilities that govern the administration or use of information technology at Framingham State University. Some make reference to supporting standards and procedures. Standards consist of specific low level mandatory controls that help enforce and support the policies. Standards help to ensure consistency across the University and usually contain controls relating to specific technology and/or processes. Procedures consist of step by step instructions to assist workers in implementing the various policies and standards.

Articles (5)

Online Identity Management Policy

This policy defines the rules for the provisioning, management, and de-provisioning of access to Framingham State University (FSU) information systems.

Policy on Granting Access via Multi-Factor Authentication (MFA)

This policy establishes Multi-factor Authentication (MFA) as an additional layer of security beyond username and password credentials that may be required in order to access Framingham State University’s (FSU’s) protected information systems and communications network when necessary and if technically feasible.

Policy on Restricting and Monitoring Physical Access to Information Technology Facilities

Policy to ensure controls are in place to protect IT facilities, monitor them, and minimize risk of unauthorized use, damage, theft and non-compliance.

Receipt and Distribution of End Point Devices

Guidelines for receipt and distribution of end point devices.

Retirement of End Point Devices

Guidelines on retiring end point devices.