UGA Computing Policies
A policy is a general or high level statement of a direction, purpose, principle, process, method, or procedure for managing technology and technology resources.
Note: The University of Georgia Telecommunications Policy for Wireless Devices/Cellular Telephones, Long Distance Usage, and Home/Off Campus Internet Access is now available here.
General campus information technology policy questions may be addressed to helpdesk@uga.edu.
| Name | Scope | Quick Summary | Status |
| UGA Policies on Use of Computers [AUP] | Campus | This directive establishes the acceptable use policy for the University of Georgia information and information systems supporting all students, faculty, staff and contractors. | Interim |
| UGA Privacy Policy | Campus | This policy applies to personally identifiable sensitive information and how it is collected at the University of Georgia. Such sensitive information includes information that could be used to cause financial harm or reputational harm to any individual. | Draft |
| Information Classification Standard | Campus | Classifying information is the first step in determining the information's need for protection. This standard is intended to help UGA employees classify information and information systems to help determine the need for protection and compliance with applicable policies and laws. | Draft |
| Guidelines to Handling Sensitive Information | Campus | Mishandling of sensitive information is a significant risk to the University, and may cause considerable financial or reputational harm. It is the responsibility of all UGA personnel to be aware of any sensitive information they may be handling, retaining, or transmitting. | Draft |
| Guidelines for Trusted Computing | Campus | Systems that store or process sensitive information should adhere to the suggestions put forth in this guideline. | Draft |
| UGA Electronic Mail Policy | Campus | This Policy applies to all electronic mail systems and services residing within, provided by, or owned by the University; and users, holders, and uses of University email services; and University email records in the possession of University employees or other email users of electronic mail services provided by the University. | Ratified Dec 2005 |
| Minimum Security Standards for Networked Devices Policy | Campus | Access to and use of university network services and resources are privileges granted at the discretion of the University of Georgia. Devices connected to the UGA electronic communications network must comply with the minimum standards for security set by the Office of Information Security (OIS). Departments, units, or service providers may develop stricter standards for themselves. Devices that do not meet minimum standards for networked host security configurations may be disconnected without notification at the discretion of the CIO, the CISO, or their designees. | Ratified Dec 2006 |
| Minimum Security Standards for Networked Devices | Campus | The following minimum standards are required for devices connected to the UGA Electronic Data Communications Network (EDCN). | Ratified Dec 2006 |
| UGA Access Control Policy | Campus | The objective of the University of Georgia's Physical Access Control & Security Systems Policy is to provide a comprehensive, dependable and cost-effective security access control and security system solution for the entire campus. The system will consist of an integrated pairing of the traditional mechanical locking, or keyed system, with a newly selected computer based access control system that will allow for use of, primarily, card access control and will set a standard for security systems on the campus. | Draft |
| UGA Password Policy | Campus | Passwords are one of the primary mechanisms that protect critical UGA information systems and other resources from unauthorized use. Constructing secure passwords and ensuring proper password management are essential. Poor password management and protection can allow both the dissemination of information to undesirable parties and unauthorized access to UGA resources. Poorly chosen passwords are easily compromised. Password compromise can lead to inappropriate disclosure and use of UGA proprietary or sensitive information and disclosure of valuable intellectual property. Training users in the proper password creation and management greatly reduces these risks. | Ratified Dec 2006 |
| UGA Password Standard | Campus | This document describes the acceptable means for password construction, protection, and maintenance. | Ratified Dec 2006 |
| UGA Business Continuity & Disaster Recovery Policy [BCP/DRP] | Campus | This directive establishes the program to develop and maintain a Business Continuity & Disaster Recovery (BC&DR) Program for the University of Georgia (UGA). This program includes Business Continuity and Disaster Recovery Planning for information systems supporting UGA operations and research activities. The program shall create plans for Business Continuity and Disaster response. These plans will be tested periodically to ensure they reflect current operating conditions and address current threats. | Interim |
| Georgia Surplus Policy | State | The Department of Administrative Services (DOAS) Surplus Property Division manages the state's surplus property. This policy provides guidelines for the disposal of surplus electronic components. | |
| Electronic Equipment Disposal and Transfer Recommendations | Campus | Information systems capture, process, and store information using a wide variety of media. This information is not only located on the intended storage media but also on devices used to create, process, or transmit this information. These media may require special handling in order to mitigate the risk of unauthorized disclosure of information and to ensure its confidentiality. | Ratified May 2007 |
