UW-Madison - Policy Portfolio - Identity and Access Management
The Identity and Access Management (IAM) policy list includes policies related to credentials, identification, authentication, authorization, and physical access
Identity and Access Management (IAM) addresses online and physical access to assets and data, specifically how a person or resource is identified, the resoures that can be accessed, and what can be done with that access. The cybersecurity-related policies in this portfolio are mapped to the NIST SP 800-53 control families.
Policies
Accounting Services - Credit Card Merchant Services and PCI Compliance (access control provisions) (on bussvc.wisc.edu)
Faculty Senate - Access to Faculty and Staff Electronic Files Policy (main entry: Privacy)
HIPAA (on compliance.wisc.edu)
- 3.8 Minimum Necessary Standard
- 8.9 HIPAA Security System Access
- 8.10 HIPAA Security Remote Access
- 8.12 HIPAA Security Facilities Access
IT Policy
- Access Control Services Policy and Standard
- IT Credentials Policy (planned) (on IT Policy Wiki)
- Guest NetID Policy
- NetID Eligibility Policy
- Password Policy and Standard
UW System (on wisconsin.edu)
- 1030 Authentication Policy
- 1030A Authenticaion Procedures
- 25-3 Acceptable Use of Information Technology Resources (credentials and access provisions)
Related Documents
IT Policy-related
- IT Compliance Agreement (NetID Terms of Use)
- NetID Appropriate Use Standards
- Non-UW-Madison Applications and Services Guidelines (main entry: Acquisition and Development)
Records Management - Electonic Communications Guidance (PDF) (on library.wisc.edu)