Use of CU-Boulder’s IT resources is governed by policies issued by the University of Colorado System, the Office of the AVC for IT & CIO, the Office of Information Technology, individual campus IT departments, as well as state and federal laws. Users of campus IT resources are responsible for understanding the privileges and responsibilities extended by those policies and laws, detailed on the web pages referenced below.
Administrative Policy Statements (APS) provide guidance, procedures and requirements for all three University of Colorado Campuses. These policies are based on external and internal mandates, laws and regulations and are developed and revisited by the offices of the University president and vice presidents.
The CU-Boulder policy library serves as the official repository for all campus-wide policies providing resource links to campus department and unit-specific policies, as well as links to university-wide policies implemented by CU System and provides accurate and up-to-date policy information to the campus community.
Campus-wide policies apply to all users of CU-Boulder campus IT resources, including the campus network, hardware, data, and applications. Policies include best practices, standards, security requirements, and service expectations and are typically developed by or in collaboration with CU-Boulder’s OIT.
This policy and related procedures set standards for the primary electronic identifier on the CU-Boulder campus, including requirements for passwords, lockout, termination and compromised account responsibilities.
Campus-wide policies specifically outlining CU-Boulder's compliance with the "Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003" as well as campus Bulk Mail Policy and Guidelines.
Information systems connected to the CU Boulder network run the risk of a breach of confidentiality or misuse of those systems or the network as a whole. The Standards for Vulnerability Management defines a means by which vulnerable or compromised systems can be identified and isolated pending correction of the problem.