Printable Version in PDF Format (Get Adobe Acrobat)


  • Policy Number: IT.01.004
  • Version: 4
  • Drafted By:
  • Approved By: Richard D. Yao President
  • Approval Date:
  • Effective Date: 2/5/2024
  • Supercedes: IT.01.003


The California State University (the CSU or the University) is a public institution committed to the ideals of academic freedom and freedom of expression. To promote these ideals, the CSU uses and offers access to various information systems, data, and network resources, hereafter referred to as information assets. These standards support and provide additional guidance for those implementing the Information Security Data Classification Standard. The unauthorized collection, modification, deletion, disclosure, or misuse of CSU information assets can compromise the mission of the University, violate individuals' rights to privacy, or constitute a criminal act


This standard supports and derives its scope from the Integrated California State University Administrative Manual (ICSUAM) Section 8000 Information Security Policy, policy 8065.00 on Information Asset Management




The University's Chief Information Security Officer (CISO) is responsible for ensuring that a Data Classification Policy Standard is in place and enforced

ITS Sensitive Data Storage Classification 



The ICSUAM Policies and Standards apply to all information assets governed by the system-wide information security policies.





Back to Top ↑