Skip to body

Security Services

Contact Us

Samuelson 255
400 E. University Way
Ellensburg, WA 98926
Phone: (509) 963-2001

Follow Us


Governance and Polices


Shared governance is a strong tradition in higher education.  CWU exemplifies this in our core values by stating that our institution is "a place where people gather to live and to work. It must therefore be a place that enables people to grow and to prosper. In keeping with the academic values of shared governance and reasoned dialog, the university must be open, transparent, and empowering."

In support of this commitment to shared governance, the CWU information security program leverages input from governance groups, with the understanding that information security needs to be part of the University’s strategic planning process. These governance groups represent the wide range of constituents who are impacted by information security and privacy needs. This includes leaders from business units, academic colleges, technology support departments, and various compliance functions.

- Data Governance Framwork -

PeopleSoft Security and Governance Framework

Policies and Guidance

Central Washington University Security Services department is responsible for coordinating the development and dissemination of information security policies, standards, and guidelines for the institution. Security Services is also responsible for coordinating various regulatory compliance efforts as they relate to information technology systems.

Policy Framework

The following policies and procedures were approved on June 4th, 2014 by the University Policy Advisory Committee (UPAC). They are intended to serve as the foundational governance framework for future policies, procedures, and guidelines.

 - Policies - 

2-70-010   Information Security and Privacy Roles and Responsibilities

2-70-020   Data Classification and Usage Policy

2-70-030   Information Security and Privacy Incident Management Policy

2-70-040   Payment Card Policy

2-70-050   Information Security Controls

- Procedures -

7-70-010 Information Security and Privacy Incident Management Procedure

7-70-050 Payment Card Procedures

- Standards -

Standards and Operating Procedures

Digital Forensics Policy, Procedure and Service

Regulatory Reference

Washington State RCW 43.41A.027 - Security Standards and Policies

Washington State RCW 19.255.010 - Disclosure, Notice - Definitions - Rights, Remedies

Washington State RCW 42.56.420 - Security

Washington State OCIO Policy No. 141 - Securing Information Technology Assets

Washington State OCIO Policy No. 141.10 - Securing Information Technology Assets Standards

PCI Security Standards Council

Family Educational Rights and Privacy Act 34 CFR Part 99 (FERPA)

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Take the Next Step to Becoming a Wildcat.