Use of CU-Boulder’s IT resources is governed by policies issued by the University of Colorado System, the Office of the AVC for IT & CIO, the Office of Information Technology, individual campus IT departments, as well as state and federal laws. Users of campus IT resources are responsible for understanding the privileges and responsibilities extended by those policies and laws, detailed on the web pages referenced below.
University of Colorado System Administrative Policies Administrative Policy Statements (APS) provide guidance, procedures, and requirements for all three University of Colorado campuses. These policies are based on external and internal mandates, laws, and regulations. These policies are developed and revisited by the offices of the University president and vice presidents.
CU-Boulder Policies and Guidelines The CU-Boulder policy library serves as the official repository for all campus-wide policies providing resource links to campus department and unit-specific policies, as well as links to university-wide policies implemented by CU System and provides accurate and up-to-date policy information to the campus community.
OIT Campus-wide IT Policies Campus-wide policies apply to all users of CU-Boulder campus IT resources, including the campus network, hardware, data, and applications. Policies include best practices, standards, security requirements, and service expectations and are typically developed by or in collaboration with CU-Boulder’s OIT.
CAN-SPAM Campus-wide policies specifically outlining CU-Boulder's compliance with the "Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003" as well as campus Bulk Mail Policy and Guidelines.
Account Activation and Termination Policy CU-Boulder must protect its IT resources and support federal regulations and system policy governing the privacy and security of sensitive data by requiring the use of electronic identifiers and secure passwords to control access. This policy and related procedures set standards for the primary electronic identifier on the CU-Boulder campus including requirements for passwords, lockout, termination, and compromised account responsibilities.