Click to open manual (pdf)
Click to open Best Practices for Employees
Click to open Best Practices for Management
These three security manuals are designed to help you—as an ECU employee, manager or IT support staff member—fulfill your responsibilities for protecting the information in your care. They are for general guidance and may not address all job aspects or working environment–managing HIPAA, FERPA and other sensitive information are examples–so take additional precautions to ensure all information is safe and secure.
The standards here are based on the ISO 27002 Information Technology Security Techniques Code of Practice and consider the unique aspects of our academic, research, service, administrative, legal, regulatory and contractual activities and requirements.
For the purposes of these guides:
Each best practice is accompanied by a statement of responsibility, an activities list and a link to the relevant security standard.
For more information on your responsibilities for legal and regulatory compliance contact your supervisor or departmental compliance coordinator for assistance. If you have general questions about information security requirements and practices, contact the IT Help Desk at 252.328.9866.