| 3.8.1 | Information Security Policy |
| 3.8.2 | Accountability Policy |
| 3.8.3 | Information Management Policy |
| 3.8.4 | Segregation of Systems Policy |
| 3.8.5 | Access Control Policy |
| 3.8.6 | Network Attached System Security Policy |
| 3.8.7 | Acceptable Use Policy |
| 3.8.8 | Electronic Mass Communications Policy |
| 3.8.9 | Business Continuity Planning Policy |
| 3.8.10 | Remote Access Policy |
| 3.8.11 | External Trusted Network Security Policy |
| 3.8.12 | Computing and Communications Confidentiality Policy Version 2.3 |
| 3.8.13 | Telecommuting Policy |
| 3.8.14 | Network Scope of Service Policy |
| 3.8.15 | Technology Acquisition Coordination Policy |
| 3.8.16 | Emergency Notification Policy |
| 3.8.17 | Privacy Policy |
