To meet applicable federal, state, regulatory and contractual requirements, we must work together to protect university data from theft, compromise, and inappropriate use. The Data Management Framework helps all of us assess the sensitivity levels of the data we work with. Subsequently, we can learn how to secure the data from such risks as unauthorized destruction, modification, disclosure, access, use, and removal.
UPDATES are a work-in-progress: Please be advised that guidance and links to other pages are being updated to reflect changes made to the recently updated REG 08.00.03 Data Management Regulation. If you need help understanding or implementing this regulation per the guidance provided here, please contact Security & Compliance by sending an email to OIT_ISRA@help.ncsu.edu.
How Sensitive is My Data?
To determine how to assess the university data you access, see Tables of Data Elements, from the Determining Sensitivity Levels for Shared Data web page.
Once you know the classification level of the data you work with, see Storage Locations for University Data to store it and protect it appropriately.
Controls for Securing University Data provides a guide for developing internal operating procedures relevant to your working context and data-sensitivity level.
Related Documents
- REG 08.00.03 Data Management Regulation
- Determining Sensitivity Levels for Shared Data
Reference guide of data elements and their associated classification. The fundamental ‘Data Sensitivity Framework’ tables. - Controls for Securing University Data – Best Practices
For Data Stewards, Application Sponsors, Data Custodians and other IT personnel to use to determine how best to protect their data, based upon sensitivity level of the data. - Data Categories, Trustees, Stewards, and Custodians
List of university organizations and titles. - Storage Locations for University Data
- Data Management Procedures Summary & Guidance
Quick-reference version of REG 08.00.03 for easier comprehension and guidance. - Frequently Asked Questions – Data Management Procedures
A set of questions and answers about the Data Management Procedures and Data Sensitivity Framework, as initiated by the IT Strategic Advisory Committee.