Audits & requirements

IT audit preparation and required practices

This page is maintained by the IT Community Partnerships group within UITS. The "IT Required Practices" file was reviewed by Internal Audit, the University Information Policy Office, the University Information Security Office, and many people inside and outside of UITS.

It is considered a fundamental list of required practices that all units should implement and maintain. Of course, some units may be required to apply stronger technical and administrative controls, depending on the nature of the work they do.

The templates are provided as examples for your own departmental use, to save you time as you document your own policies and procedures, and strengthen the security posture of your department.

Please feel free to contact us to add or modify any of the content here. We are always happy to add more examples!

Contact the IT Community Partnerships Group

Email us at talk2uits@iu.edu or call 317-278-5387.

Best Practices Explained | Webpage with explanations of the most common best IT practices
Media Disposal Guide | Guide for disposing of Failed Devices/Media Containing Data | 1/1/2016
Self Review | Excel file with administrative and technical questions to prepare you for an audit | 12/1/2011
Policy Manual | Webpage with an example of a complete policy manual | 12/1/2011
Templates | Zipped file of sample templates | 12/1/2011
Departmental Policy | Zipped file of departmental policy examples | 12/1/2011
IT Procedures | Zipped file of IT procedure examples | 12/1/2011

Audits & requirements

IT audit preparation and required practices

Contact the IT Community Partnerships Group

Information Security & Policy resources