UW-Madison - Cybersecurity - Policy List

These are all UW-Madison cybersecurity policies that are registered with the Office of Cybersecurity. Closely related policies are grouped together.

The list is primarily useful to UW-Madison IT Staff. For a general list of campus IT policies, see: https://kb.wisc.edu/itpolicy/cio-policies.

  • Of interest to:
    • IT Security Staff
    • IT Staff
  • Subjects:
    • Cloud Services
    • Cybersecurity
    • Identity Management
    • Mobile Devices
    • Network and Telecomm
    • Personally-owned Dev.
    • Records Management
  • Cybersecurity:
    • Access Control
    • Acquisition and Develop
    • Config and Maintenance
    • Contingency Planning
    • Education and Training
    • Monitoring and Mitigation
    • Privacy
    • Risk Management
  • Data Handling Activities:   
    • Access
    • Archive
    • Business Use
    • Collection
    • Disposal
    • Distribution
    • Monitoring
    • Retention
    • Storage
    • Transmission


Access Control

Core Documents

Related Documents

Acquisition and Development

Core Documents

Related Documents

Configuration and Maintenance

Core Documents

Related Documents

  • Accounting Services - Credit Card Merchant Services and PCI Compliance (device configuration, disposal, and maintenance) (on bussvc.wisc.edu)
  • HIPAA (on compliance.wisc.edu)
    • 8.7 Destruction/Disposal of PHI
    • 8.11 HIPAA Security Data Management and Backup
    • 8.13 HIPAA Security System Configuration and Use (please contact policy@cio.wisc.edu)

Contingency Planning

Education, Training and Awareness

Monitoring and Mitigation


Risk Management


Please address questions or comments to policy@cio.wisc.edu.



Keywords:policies index policy requirements requirement requirements, it-security-staff it-staff information-technology security, cloud-services identity-management mobile-devices network personally-owned-devices records-management resource-management security cloud cybersecurity devices identity mobile networking personal personally records resource telecommunications, access archive business-use collection disposal monitoring retention storage transmission distribution, access-control acquisition-and-development configuration-and-maintenance contingency-planning education-and-training monitoring-and-mitigation privacy risk-management access acquisition configuration contingency cdm development education maintenance awareness mitigation monitoring planning risk training seta coop rmf   Doc ID:58557
Owner:GARY D.Group:IT Policy
Created:2015-11-27 19:53 CDTUpdated:2018-06-17 20:54 CDT
Sites:IT Policy
Feedback:  8   0