The use of CU Denver and CU Anschutz IT resources is governed by policies issued by the University of Colorado System, the Office of Information Technology, and state and federal laws. Those that use IT resources on campus are responsible for understanding the policies and implementing the required controls to stay compliant.
University IT Security policy APS-6005 addresses the security and privacy of CU information and IT systems, including requirements for IT resource users and IT Service Providers. APS 6005 should be provided to all IT resource users and IT Service Providers. Review full policy
Section 1- IT Resource Users shall protect confidential and highly confidential data from unauthorized disclosure by:
Section 2- IT Security in Personnel Job Descriptions, Responsibilities and Training
Units shall ensure that employees are aware of their IT Security responsibilities and are adequately trained to fulfill those responsibilities.
o Supervisors should ensure that all employees have this training and it should be incorporated into the employee’s performance review.
Section 3- IT Security in University Operations, BCP, and contracting
IT Security safeguards should be integrated into University operations, asset management, contracting and Business Continuity Planning (BCP), disaster preparedness, and enterprise risk management processes.
Section 4- IT Service Provider Security
IT Service Providers (server and workstation support, programmers, webmasters, user account administrators) incorporate IT security safeguards into the IT services and products provided to the University community.
1380 Lawrence Street
Denver, CO 80204
13120 East 19th Avenue
Aurora, CO 80045