The School should develop appropriate information security policies, standards, and procedures as required by DIR’s minimum standards.
To facilitate the development of those policies, standards, and procedures, the School should implement certain information security processes,
including classifying its data, performing a risk assessment, and establishing a training program to increase the School’s understanding of information
security risks and DIR's requirements.
Jump to Chapter 1-A