ITS Regulations

A “regulation” is any statement or procedure of general applicability adopted by the Risk Review Board. A regulation will generally apply to students, parents, staff, faculty, and NCSSM as a whole. Here is a list of the current ITS regulations and their links.


  • Acceptable Use of Information Resources

  • Business Continuity or Disaster Recovery

  • End User Information Security (End Point Information Security)

  • Human Resource Security

  • Information Classification and Handling

  • Information Security Awareness and Training

  • Information Security Incident Response

  • Information System Acquisition, Development, and Mtc.

  • Information Systems Access Control

  • Information Systems Operations Security

  • Network Management Security

  • Physical and Environmental Security

  • Risk Assessment and Management

  • Telecommuting Security Policy

  • Information Security Policy