The University of Iowa adheres to numerous regulatory and industry-standard information security requirements. These include, but are not limited to:

• DMCA
• FERPA
• HIPAA
• GLBA
• PCI-DSS
• ADA / IT Accessibility
• CUI
• Export control (ITAR/EAR)
• GDPR

Many of these control regimes are coordinated via offices outside of the IT organization. To facilitate coordination of the information security components of these programs, security management plans are developed.

Relevant security management plans can be found here.