POLICIES + STANDARDS
An overview of the information security policies and guidelines to which we must adhere.
For cybersecurity-specific support documentation, visit the ServiceLink Knowledge Base. For direct inquiries, please submit a support ticket here.
Scope: UC Riverside
| Policies & Standards | Related Standards, Guidelines & Procedures |
|---|---|
| Electronic Communications Policy (ECP) | Electronic Communications Policy (ECP) Overview and Implementation |
| Phishing Awareness | |
| Multi-Factor Authentication | |
| Malware Awareness | |
| Ransomware Awareness | |
| Generative AI at UCR |
Scope: UC System-wide
| Policies & Standards | Related Standards, Guidelines & Procedures |
|---|---|
| Cybersecurity Mandate 2025 | Cybersecurity Mandate 2025 Overview and Implementation |
| IS - 3 Information Security Policy | UC-IS-3 |
| Electronic Communications Policy | UC-IS-11-ECP |
| Information Technology Accessibility | UC-IT-AP |
| Identity and Access Management | UC-IS-11-IAM |
| HIPAA Information Security | UC-IS-HIPAA |
| Continuity Planning & Disaster Recovery | UC-IS-12-CPDR |
| Systems Development Standards |
Scope: Nationwide
| Policies & Standards | Related Standards, Guidelines & Procedures |
|---|---|
| National Defense Authorization Act (NDAA) |
Note: Although UCR accounts for active students, staff, and faculty may potentially be disabled for a variety of reasons, the primary two reasons are due to potentially being compromised
or connecting to the network from an infected computer. If your account is disabled, you will be sent an email notification with information on steps to take to remediate your account.
NDAA 889 PROHIBITED MANUFACTURERS
The National Defense Authorization Act (NDAA) prohibits the use of equipment manufactured by a limited set of manufacturers.
Please read this page for details on how to work with the Information Security Office (ISO) to discontinue the use of products from banned manufacturers.