Carnegie Mellon University


Procedures are step-by-step instructions for accomplishing an objective.  Procedures published by the Information Security Office are designed to reinforce University Policies and help ensure timely and consistent service delivery.  Procedures may also be crucial to maintaining compliance with state and federal regulations. The following Procedures have been published by ISO. If you have any questions, comments or concerns related to these Procedures, please don't hesitate to contact us at

Name  Version
Incident Response Plan 1.7 03/19/2024 03/19/2024
Procedure for Employee Separation 1.3 01/09/2015 04/21/2021
Procedure for Requesting Access to Network Data for Research  1.1 07/06/2006 09/04/2007
Procedure for Responding to a Compromised Computer 2.0 05/11/2006


Procedure for Responding to Unauthorized Release or Access of Data 1.0 06/22/2021