ARCHIVED: Completed project: Information Security and Privacy Program
Primary OVPIT contacts: Tom Davis and Merri Beth Lavagnino
Completed: January 25, 2012
Description: The Indiana University Information Security & Privacy Program (ISPP) promotes safeguards that adequately protect information but do not impede its appropriate widespread use.
The goal of the program is to facilitate information security and privacy approaches in order to:
- Maintain IU's viability, both reputational and operational, as a premier institution of higher education
- Support IU's mission of education (teaching and learning), research, and engagement (outreach and service)
- Guide the conduct of university business
Outcome: The ISPP was designed to achieve the following information security and privacy objectives:
- Establish institutional security and privacy principles that guide behavior and decision-making at IU
- Marshal the existing people, processes, and tools available to assist in achieving these security and privacy objectives, regardless of the unit responsible for providing or using them
- Determine the security and privacy risks facing IU
- Provide tools for assessing progress on addressing risks, and meeting security and privacy goals
- Identify the areas where IU does not adequately address risks, or meet security and privacy goals
- Create plans for addressing the gaps
- Facilitate collaboration to identify effective and efficient solutions
- Document IU's compliance with applicable laws, regulations, standards, and contractual requirements
Status:
- The Information Security and Privacy Risk Council officially endorsed the ISPP on January 25, 2012.
- The Information Security and Privacy Risk Council will continue to meet periodically in order to review the Program. Information about the Council, including meeting minutes, is available at Information Security & Privacy Program: Governance.
Comment process: Contact Tom Davis, Chief Security Officer, or Merri Beth Lavagnino, Chief Privacy Officer and Compliance Coordinator.
Project team:
- Tom Davis, Chief Security Officer
- Merri Beth Lavagnino, Chief Privacy Officer and Compliance Coordinator
- Eric Cosens, Deputy University Information Policy Officer
Governance: The Information Security and Privacy Risk Council is a standing committee providing broad strategic guidance and oversight to support the Indiana University Information Security and Privacy Program (ISPP).
This is document azzh in the Knowledge Base.
Last modified on 2018-01-18 16:30:29.