BPPM Revision #552

July 16, 2020

---

This BPPM revision includes the following changes:

Information Security Planning 87.15

This new section provides planning requirements and processes for the effective implementation of information security controls to protect the confidentiality, integrity, availability, and privacy of institutional systems and information.

Security Assessment and Authorization 87.20

This new section provides requirements and procedures regarding security assessments and authorization of information systems and services.

Information Security Risk Assessment 87.25

This new section provides requirements for incorporating consistent and effective risk assessment of potential threats to information systems and data, in order to manage the impact of potential harm.

Configuration Management 87.30

This new section provides requirements, roles, responsibilities, and procedures for managing the configuration of WSU information systems and associated components.

Wireless Local Area Network (LAN) Management 87.35

This new section provides requirements for management, deployment, equipment, and security of wireless LANs for data communications throughout the University system.

System and Information Integrity 87.40

This new section provides requirements and procedures for guarding information systems against improper information modification or destruction and ensuring information nonrepudiation, authenticity, and authorized access.

Audit and Accountability 87.50

This new section provides requirements and procedures implementing audit and logging controls, as required for compliance with state, federal, and industry information security and privacy policies, regulations, and standards.