Skip to Main Content

Policy Review


To define a policy and procedures for reviewing and revising departmental policies.




To ensure the accuracy and completeness of departmental policies and procedures, the Chief Information Security Officer (CISO) or their delegate will conduct an annual review of all IT security policies.


Policies that are obsolete or otherwise no longer required will be retired. Once retired, these policies will be maintained as an archived file for a minimum of one year. Proposed policy revisions will be drafted and submitted for appropriate review and approval.

Return to the ITS Policies and Procedures List