| Name |
The name of the policy statement. |
| Source |
A non-editable field with the source of the policy.
For example, if the statement is from the UCF import,
the source is UCF. |
| Reference |
A unique numerical identifier. |
| Policy |
The parent policy statement supported by this policy
statement. |
| Parent |
References the parent content. |
| Active |
If the policy statement is not in the Draft or
Retired states, a policy is marked active. |
| Source ID |
The unique identification number used by the source
to catalog this authority document. |
| Category |
Select from a list of options:
- Acquisition or sale of facilities, technology,
and services
- Audits and risk management
- Compliance and Governance Manual of Style
- Human Resources management
- Leadership and high level objectives
- Monitoring and measurement
- Operational management
- Physical and environmental protection
- Privacy protection for information and
data
- Records management
- System hardening through configuration
management
- Systems continuity
- Systems design, build, and implementation
- Technical security
- Third Party and supply chain oversight
- Root
- Deprecated
|
| Classification |
Select from a list of options:
- Preventive
- Corrective
- Detective
- IT Impact Zone
|
| Type |
Select from a list of options:
- Acquisition/Sale of Assets or Services
- Actionable Reports or Measurements
- Audits and Risk Management
- Behavior
- Business Processes
- Communicate
- Configuration
- Data and Information Management
- Duplicate
- Establish Roles
- Establish/Maintain Documentation
- Human Resources Management
- Investigate
- IT Impact Zone
- Log Management
- Maintenance
- Monitor and Evaluate Occurrences
- Physical and Environmental Protection
- Process or Activity
- Records Management
- Systems Continuity
- Systems Design, Build, and Implementation
- Technical Security
- Testing
- Training
|
| Description |
Describe the policy statement and how it supports the
goals of the organization. |
