Skip to main content

Standards and Security

Information Security Program

The UNM Information Security and Privacy Office (ISPO) provides an Information Security Program that address confidentiality, integrity and availability of information on UNM systems and computers. The overall security program includes system monitoring, security incident investigations and a security education outreach program to the UNM computing community (details available here). As a member of the UNM computing community, it is your responsibility to help keep computing resources safe and available for use.

The ISPO is responsible for information protection, security awareness, and protecting UNM's computer equipment and network against unauthorized access. Contact the ISPO at

Policies and Procedures

As key University assets, UNM data are subject to a variety of internal policies and procedures.  In addition, many data also are subject to external regulatory requirements.  As such, it is the responsibility of everyone in the university community to know and understand key policies and procedures that pertain to our use of university data.  The list below highlights some of the key areas users need to be familiar with, and an exhaustive list is available at

UAP 2580 ("Data Governance")

UAP 2500 (“Acceptable Computer Use”)

UAP 2520 (“Computer Security Controls and Access to Sensitive and Protected Information”)

UAP 2550 (“Information Security”)

UAP 2560 (“Information Technology Governance”)

Information Technology Standard for UNM Data Classification

UNM Sensitive Information Stewardship and Confidentiality Statement