Cybersecurity Policies and Standards
The following are approved Cybersecurity Policies, Standards and related documents that apply to the Alliance Federation. Change logs record major changes to each document over time (minor changes that do not alter the intent are not recorded). Feedback related to these documents should be addressed to [email protected].
SEC-00 Information Security Glossary
CHG-00 Change Log
SEC-02 Data Classification Policy
CHG-02 Change Log
CHG-03 Change Log
SEC-04 Vulnerability Management Standard
Note: Standard is approved in-force but with a transition period until the end of 2023.
CHG-04 Change Log
SEC-05 Cybersecurity Risk Management Policy
Note: Policy is approved in-force with an implementation project underway
Risk Assessment Procedure
CHG-05 Change Log