The Information Security Advisory Council is charged with providing advisement, review, and endorsement of Appalachian State University's Information Security Plan including relevant policies, strategic initiatives, and services.  The goal of this council is to ensure that this plan is aligned to the needs of the University community, focused on salient education and awareness opportunities, and driven to achieve reasonable, cost-effective, and holistic management of risks related to University information resources.  The composition of this council will include members from units that regularly deal with information security issues as well as those who can articulate the needs and concerns of faculty, staff, and students.


Data Handling Standard Implement a new Data Management Standard including Data Management Structure and Data Classifications
Minimum Security Standard Establish new standard to define minimum technical security controls required for protecting important IT services and university data
Password Standard Revise our password standard to clearly define the requirements associated with password management, and consider a longer password expiration period
Risk Management Standard Establish new standard to formally establish University IT risk assessment processes