Understanding Yale's Policy Base
Yale's Information Security Policy Base include four key components:
- Policies
- Standards
- Procedures
- Guidelines
Policies
Policies set the foundation for the entire policy base. They identify why we need to do something. They identify the issue and the scope.
Standards
Standards explain what needs to happen to follow policies. They support policies by assigning specific measures and actions.
Procedures
Procedures explain how to do the standards. They support policies and standards by establishing the proper steps to take.
Guidelines
Guidelines are supporting documentation to policies, standards, and procedures. They provide extra, recommended guidance for meeting policies and standards.
Yale's Information Security Policy Base
Our Information Security Policy Base consists of policies, standards, procedures, and guidelines. Each of these artifacts plays a role in ensuring you know what to do to protect Yale Data and IT Systems. Our policy base is a collection of University requirements, including: