ITSS Home Information for UM Faculty and Staff

Faculty and Staff Announcements

UM Information Security policy SPG 601.27 Approved
The UM Information Security Policy (SPG 601.27), establishing an information security policy for the University, has been approved and posted. By implementing this policy, the University is better positioned to minimize the impact of security incidents, provide appropriate protection of sensitive information, and meet applicable regulatory requirements.

Per SPG 601.27, every UM unit is responsible for:

• Implementing a unit-level IT security program and appropriately securing its information assets.
• Appointing a security unit liaison to coordinate the implementation of its security program.
• Collaborating with other units and with ITSS on the implementation of the IT security program across the University.

• Putting into place policies, procedures, and safeguards to ensure the confidentiality of sensitive information in any form (including documents and verbally communicated information).
• Complying with federal, state, and local law, University policies, and binding agreements that require the implementation of information security safeguards.