Policy AD95: Information Assurance and IT Security

Policy AD95 establishes an institution-wide security program designed to ensure the confidentiality, integrity, and availability of Penn State's information assets while protecting it from unauthorized access, loss, or damage. This policy outlines:

  • IT Security Standards and Requirements
  • The standard 4-level Information Classification system used by Penn State to denote the security level of information
  • Responsibilities of members of high level groups for high security level functions.

Policy AD96: Acceptable Use of University Information Resources

AD96 defines "acceptable use" of Penn State's electronic resources to support the educational, research and service missions of the University. Electronic resources include, but are not limited to, computer facilities and services, computers, networks, electronic mail services, electronic information and data, and video/voice services.





  • This is an active service


  • For specific breakdowns of which individuals are subject to each policy, please follow the links provided to read each policy's Scope section
  • Generally, all policies are applicable to all faculty, staff, students, and other individuals using Penn State's network resources (and individuals who are conducting Penn State business using external networks), excluding Penn State Health and The Pennsylvania College of Technology, which follow separate policies


  • Questions regarding Human Resources policies should be directed to Penn State Human Resources’ HR Services at worklion.psu.edu or by phone at 814-865-1473
  • For all other policy questions, please contact the Subject Matter Expert listed on the policy.  If none is listed, please fill out the form located in the Policies About page sidebar