Policies, Standards, and Guidelines

A small group of people sitting in a lounge area using laptops, viewed from above. There are armchairs, a sofa, and small round tables.

These information security policies, standards, and guidelines provide the minimum requirements for the Wharton community to:

  1. Enable the mission of the school.
  2. Increase trust and reduce risk.
  3. Address regulatory and legal requirements.
An illustration of five people in colorful shirts forming a circle and placing their hands together, representing teamwork and collaboration.

Report a Security Incident

If you suspect a security incident such as a phishing attempt, data breach, or compromised account, contact us immediately.

Information Security Policies

Policies form the cornerstone of Wharton’s information security governance, outlining our approach to managing security and risk. They establish clear expectations for all members of the Wharton community regarding the safeguarding of sensitive information and digital assets.

Acceptable Use Policy

Penn policy

IT Security Policy

Penn policy

Information Security Policy

Wharton policy

Privacy Policy

Penn policy

IT Network Policy

Penn policy

Penn Data Risk Classification

Penn policy

Privacy in the Electronic Environment

Penn policy

Information Security Standards

Standards at Wharton define the minimum requirements for protecting information and digital assets. Every member of the Wharton community is responsible for understanding and applying these standards, which serve to operationalize security policies and ensure consistent protection.

IT Security Standards

Penn standard

Risk Review Standard

Wharton standard

Vulnerability Standard

Wharton standard

Security Impact Analysis

Wharton standard

Travel Standard

Wharton standard

Change Enablement Standard

Wharton standard

IAM Standard

Wharton standard

IT Network Standards

Penn standard

Information Security Guidelines

Guidelines provide recommended best practices aligned with Wharton’s information security standards. They offer actionable advice to the Wharton community on effectively implementing measures that reduce security risks and enhance digital asset protection.

Information Security Best Practices

Penn guidelines

Password Handling

Penn guidelines

AI Guidance

Penn guidelines

Guidelines for the Use of Social Media at Penn

Penn guidelines

Protecting Penn Data

Penn guidelines

Guidelines for the Use of Social Media at Penn

Penn guidelines

Generative AI Best Practices

Wharton guidelines

Travel Guidelines

Wharton guidelines