University System of Georgia (USG) IT Handbook
The University System of Georgia (USG) comprises thirty-one institutions of higher learning, a marine research institute, and a system central office, as well as the Georgia Public Library System (GPLS) and the State Archives. The Information Technology Handbook commonly referred to as the ‘IT Handbook’ provides guidance with regards to information technology (IT) operations within the USG.
Information, in all forms, is a strategic asset to GPC and to the USG as a system. Under Board of Regents’ (BoR) policy, it is the responsibility of the Vice Chancellor and Chief Information Officer (VC/CIO) to establish “the procedures and guidelines under which the acquisition, development, planning, design, construction/renovation, management, and operation of USG technology facilities and systems shall be accomplished.” Part of this responsibility is to prepare a handbook of Information Technology (IT) standards and best practices to be followed by each USG institution.
The hierarchy of USG IT policies and procedures is as follows:
- BoR Policy Manual is the top-level set of Board-approved policies from which all lowerlevel USG documents flow. Section 11.0, Information Technology, covers all aspects USG information technology including general policy, IT project authorization, and information security.
- USG IT Handbook contains the IT requirements and recommendations that establish acceptable IT practices for all USG participant organizations.
- Participant Organization Policies and Procedures establish the detailed practices and tools used by each USG participant organization to meet the standards set forth in the USG IT Handbook.
- Program/Project Policies and Procedures establish the detailed practices and tools used within each program/project to implement the standards and best practices set forth in the USG IT Handbook and/or the participant organization policies and procedures.
GPC InfoSec and the IT Handbook
The GPC Information Security (InfoSec) department will continuously endeavor to meet the information security standards and best practices set forth in the USG IT Handbook. InfoSec follows a plan to stay abreast of changes to existing standards, or newly adopted standards and practices, in order to make adjustments to local policies and standards, and for decision-making based on compliance requirements.
Section 5: Information Security (IS), of the IT Handbook covers BoR requirements specifically for information security.View the IT Handbook