Law - Policy - Guidelines

About Compliance Drivers

Laws, policies, standards and guidelines are the drivers behind everything we do to ensure university compliance with security requirements and best practices. If you've ever wondered "why does the ISO need this paperwork" then this deep and robust section of content and information will provide answers.

Law and policy icon

Law and Policy

This section covers the laws and policies relevant to the ISO and information security at Texas State University, in general.
Division of information resources logo


Texas Risk & Authorization Management Program is a framework for collecting information about cloud services security and compliance with required controls.
Procurement section icon

Procurement and the ISO

The ISO is part of institutional procurement in several ways. Please review this section to learn more about how we are involved in the procurement process.
Research section icon - vector illustration

Securing Research

If you are conducting research on campus it is vital that you are aware of the risks involved with research and how to secure manage your research.
Risk management section icon - vector illustration - check box

Risk Management

The ISO conducts risk assessments on all assessable objects on the network. This is a collaborative process with resource owners. Read about the process here.
Standards, procedures, and guidelines

SPG Documents

If you work with university systems - the Standards, Procedures, and Guidelines (SPG) section is your place for information on how to do things the right way.

Information Security Glossary

The information security glossary is a searchable and filterable glossary of terms and definitions we use in all aspects of our work. Familiarize yourself with this terminology to deepen your understanding of information security at Texas State University.