Institutional Security Resources

Security Policies and Procedures

We work on enhancing information security awareness and provide comprehensive information security awareness training to our faculty and staff, free of charge. This training equips participants with crucial knowledge on various topics such as privacy, threats, safe computing practices, password security, malware prevention, social engineering, phishing, physical security, data protection, and best practices for mobile and remote computing. Two of our most important policies are:

Our students and staff have access to a wide range of Information Security Policies and procedures through our internal TouroOne portal (login required). These policies include:


  • Administrative Services Job Scheduling Policy and Procedures
  • Change Management Policies and Procedures
  • Disaster Recovery Policy
  • Generic Account Policy
  • Multifactor Authentication Policy
  • Online Directory Policy and Procedures
  • PMO for IT Policy and Procedures
  • Software and IT Services Purchasing and Deployment Policy and Procedures
  • TouroOne UserName and Email Address Change Policy

Information Technology

  • Access Provisioning Policy and Procedures
  • Bring Your Own Device Policy
  • Cloud Computing Policy
  • Cryptography Policy
  • Data Privacy Policy
  • Data Privacy Procedures
  • IT Incident Management Policy
  • Information Security Risk Management Policy
  • Information Security Policy
  • Information Security Training and Awareness Policy
  • Internet Services and User Generated Content Policy
  • Mobile Access Policy
  • Technology Equipment Disposal Policy
  • Vulnerability Scanning Policy