Information Security Program: The Information Security Program at South Texas College is chartered by College policy 4712 – Information Resources Security. The policy clearly defines the need to protect our information resources according to their value and administered in conformance with federal and state law. Policy 4712 also defines that the College is following the Information Security Standards defined in Texas Administrative Code 202. Reference our Information Resources Security Guidelines for more information.
Acceptable Use of Information Resources: This policy sets the expectations for users of information resources. It also includes a list of prohibited uses of College information resources. Reference our College policy 4714 – Acceptable Use of Information Resources for more information.
The following table contains some of the external standards that we are following:
| Standard | Applicable To | Guidance |
| TAC 202 Security Control Standards | College-wide | http://dir.texas.gov/View-About-DIR/Information-Security/Pages/Content.aspx?id=2 |
| Payment Card Industry Data Security Standard Standard | Systems, networks, and staff that interacts with credit card payments | https://www.pcisecuritystandards.org/document_library |
| NIST SP 800-171 (Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations) | Systems that are storing or transmitting data that is received or shared with the federal government. | https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r1.pdf |
| Criminal Justice Information Services (CJIS) Security Policy | Systems that are storing or transmitting data from the CJI data. | https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center |