These policies ensure proper use of IU’s technological resources. Topics include data management, the Information Security and Privacy Program, and information technology.

These policies apply to all users of these resources, regardless of affiliation and regardless of whether the resources are accessed on or off campus.

To search these policies, try typing in a policy title, number, or keywords.

Data Management (DM)

Title Number Responsible Office

Management of Institutional Data

Establishes acceptable use and disclosure of IU institutional data.

DM-01 Committee of Data Stewards
Return to Top ▲

Information Security and Privacy Program (ISPP)

Title Number Responsible Office

Web Site Privacy Notices

Establishes requirements related to privacy practices and notices for content owners and site managers of university web sites and applications.

ISPP-24 University Information Policy Office

Information and Information System Incident Reporting, Management, and Breach Notification

ISPP-26 outlines a the processes for a coordinated, consistent, efficient, and effective approach to identifying, investigating, and handling potential information and information system breaches.

ISPP-26 University Information Policy Office

Privacy Complaints

ISPP-27 outlines outlines Indiana University's approach to providing a mechanism for individuals to submit complaints regarding IU’s privacy practices.

ISPP-27 University Information Policy Office
Return to Top ▲

Information Technology (IT)

Title Number Responsible Office

Appropriate Use of Information Technology Resources

Restricts the use of IU IT resources to purposes consistent with the university's mission and applicable laws.

IT-01 University Information Policy Office

Misuse and Abuse of Information Technology Resources

Establishes reporting and disciplinary procedures for instances of misuse or abuse of IU information technology resources.

IT-02 University Information Policy Office

Eligibility to Use Information Technology Resources

Outlines eligibility requirements and procedures for use of university IT resources.

IT-03 University Information Policy Office

Privacy of Electronic Information and Information Technology Resources

Establishes procedures for permissible access to electronic data and communications to protect individual freedom and privacy.

IT-07 University Information Policy Office

Excessive Use of Information Technology Resources

Establishes procedures to reduce or cease overuse of the university's IT resources by particular users/activities to enable effective overall use.

IT-11 University Information Policy Office

Security of Information Technology Resources

Establishes responsibility for ensuring IT security, policymaking and implementation, and the reporting of and response to security breaches.

IT-12 University Information Policy Office

Computer and Network Accounts Administration

Details account provision, user responsibilities, and other matters related to IU network and computer accounts administration.

IT-18 University Information Policy Office

Extending the University Data Network

Restricts the use of certain network devices, such as routers or firewalls, that extend, secure, or isolate parts of IU's data network.

IT-19 University Information Policy Office

Wireless Networking

Outlines permissible use of wireless networking equipment and establishes responsibility for developing standards of governance.

IT-20 University Information Policy Office

Use of Electronic Mail

Details permissible and impermissible use of university email to ensure effective and appropriate communications.

IT-21 University Information Policy Office

Cyber Risk Mitigation Responsibilities

Establishes UITS' responsibility for maintaining secure IT infrastruture and services, and unit responsibility for leveraging these common resources to the greatest extent practicable.


Office of the Vice President for Information Technology and CIO

Return to Top ▲