Newsletter

Policy Update 2024


The WashU Office of Information Security (OIS) is dedicated to supporting our community by ensuring that our information security policies keep pace with the evolving digital landscape. As part of this effort, we’re excited to introduce our 2024 Policy Update, which launches the new WashU OIS Guide series. This series will guide you through our updated policies and standards while helping you navigate the resources available on the OIS website and within other offices at WashU. Your role in maintaining a secure environment for education, research, and clinical care is integral, and we rely on regular policy reviews and updates to address emerging threats and meet the diverse needs of our users. Each October, during Cybersecurity Awareness Month, we highlight these efforts through events, resources, and activities aimed at keeping you informed and empowered. Thank you for your ongoing commitment to information security.

To learn more about Cybersecurity Awareness Month, visit informationsecurity.wustl.edu/cam.

Below is a list and brief description of our other new policies. The full text of these and other policies are available at Policies

  • 109 Information Security Incident Reporting, Response, and Recovery
    • Security incidents threaten the ongoing Confidentiality, Integrity, and Availability (CIA) of information resources at Washington University in St. Louis (WashU), putting the organization and the WashU community at risk. The Information Security Incident Reporting, Response, and Recovery policy communicates a planned and systematic approach to incident handling from reporting to recovery and analysis.
  • 110 Information Technology Change Control and Management
    • The Information Security Change Control and Management Policy outlines processes for maintaining the security and integrity of information assets throughout their lifecycles.