One of the most important aspects of Computer Security and Information Assurance is to have a plan in place to help your organization decide on what it needs to do in order for its computer systems to be as secure as necessary.  Part of this plan should include good information/computer security and computer usage policies which outline many of the necessary security components, rules and regulations.

We include links to our policies here to help educate the public.  Please feel free to use parts of it if it would help make your systems more secure.

It should be noted that the computer security policy was created by students in the ESU class Computer Science 326 - Risk Analysis / Certification and Accreditation. This course discusses the identification of vulverabilities inherent in the operation and administration of information systems. Countermeasures are discussed and documented in an effort to counter identified vulnerabilities. This course currently uses the NIST FISMA Security Planning and C&A processes.

Click here to view the ESU Computing Policies.

Click here to view a sample Security Policy or Security Plan.

East Stroudsburg University • Computer Science Department • 200 Prospect Street • East Stroudsburg, PA 18301 • 570.422.3666 • compusec@esu.edu