Virginia Commonwealth University recognizes that integrity in all information assets is vital to the university's success, and must be protected from natural, technological and human hazards. Policies and practices must be established to ensure that hazards are reduced or their effects minimized. 

This policy sets forth the elements of VCU’s Information Security Program, including its associated information classification and protection requirements, and the procedure for reporting, investigating and resolving suspected violations.  This policy is part of VCU’s Information Technology Policy Framework.  

Information Security Policy and Related Documents

Information Technology Policy Framework

Information Security Website

Security Highlights for Students