ARCHIVED: Completed project: Information Security and Privacy Program

This content has been archived, and is no longer maintained by Indiana University. Information here may no longer be accurate, and links may no longer be available or reliable.

Primary OVPIT contacts: Tom Davis and Merri Beth Lavagnino

Completed: January 25, 2012

Description: The Indiana University Information Security & Privacy Program (ISPP) promotes safeguards that adequately protect information but do not impede its appropriate widespread use.

The goal of the program is to facilitate information security and privacy approaches in order to:

  • Maintain IU's viability, both reputational and operational, as a premier institution of higher education
  • Support IU's mission of education (teaching and learning), research, and engagement (outreach and service)
  • Guide the conduct of university business

Outcome: The ISPP was designed to achieve the following information security and privacy objectives:

  • Establish institutional security and privacy principles that guide behavior and decision-making at IU
  • Marshal the existing people, processes, and tools available to assist in achieving these security and privacy objectives, regardless of the unit responsible for providing or using them
  • Determine the security and privacy risks facing IU
  • Provide tools for assessing progress on addressing risks, and meeting security and privacy goals
  • Identify the areas where IU does not adequately address risks, or meet security and privacy goals
  • Create plans for addressing the gaps
  • Facilitate collaboration to identify effective and efficient solutions
  • Document IU's compliance with applicable laws, regulations, standards, and contractual requirements

Status:

  • The Information Security and Privacy Risk Council officially endorsed the ISPP on January 25, 2012.
  • The Information Security and Privacy Risk Council will continue to meet periodically in order to review the Program. Information about the Council, including meeting minutes, is available at Information Security & Privacy Program: Governance.

Comment process: Contact Tom Davis, Chief Security Officer, or Merri Beth Lavagnino, Chief Privacy Officer and Compliance Coordinator.

Project team:

  • Tom Davis, Chief Security Officer
  • Merri Beth Lavagnino, Chief Privacy Officer and Compliance Coordinator
  • Eric Cosens, Deputy University Information Policy Officer

Governance: The Information Security and Privacy Risk Council is a standing committee providing broad strategic guidance and oversight to support the Indiana University Information Security and Privacy Program (ISPP).

This is document azzh in the Knowledge Base.
Last modified on 2018-01-18 16:30:29.