About ITS Information Assurance

IA protects U-M by leading IT security, privacy, identity and access, and IT policy and compliance efforts that enable the university to excel in its teaching, research, and patient care missions.

Information assurance is a shared responsibility, and every member of the U-M community has an important role to play. ITS Information Assurance (IA) staff members work with Security Unit Liaisons (SULs) across the university to coordinate and leverage university information assurance activities to meet unit requirements and support unit missions. IA works to secure the University of Michigan.

For a summary of IA support for U-M unit's see the Information Assurance for U-M and Your Unit brochure (PDF).

ITS Information Assurance Office

The ITS Information Assurance Office:

  • Directs IT security, policy, compliance, privacy, enterprise continuity, and identity and access management (IAM) strategy across the entire university.
  • Proactively mitigates IT security risks in partnership with U-M's campuses—UM-Ann Arbor, UM-Dearborn, UM-Flint, and Michigan Medicine.
  • Collaborates with U-M units to:
    • Develop university IT security, privacy, and IAM strategy.
    • Implement best practice security, privacy, and IAM infrastructure and protocols.
  • Takes a risk-based approach to securing the university’s most sensitive information assets that enables teaching, learning, research, and healthcare in a large open environment.
  • Provides operational information assurance and IAM services that enable the university to excel in its research, teaching, and patient care missions 
  • Provides guidance to the entire university community on IT security and privacy compliance best practices to help individuals protect university systems and data, as well as their own personal information.

For information about IA leaders and their roles, see Information Assurance Leadership Team. Contact IA through the ITS Service Center.

U-M Security Posture

The university embraces a risk-based security posture. That is, we work from a cybersecurity risk management framework that incorporates best practices for protecting U-M’s critical IT infrastructure and data assets. We focus our IT security efforts on areas of greatest risk and expect all members of the university to share in the responsibility for information security.

  • U-M IT Security Posture (U-M login required). This document provides details about the university's security posture that members of the university community can use when working with granting agencies, vendors, and others who require this information.

Information Assurance Capabilities

IA provides some capabilities to the university at large and makes additional services available on request. In addition, IA provides IT security and privacy guidance, best practices, and information.

Securing U-M

We secure the U-M environment by balancing security and openness, which is a hallmark of academic institutions. Over the years, we have remained committed to protecting the U-M culture, values, and belief in privacy, academic freedom, and free thought and expression.