The IT Security Program involves the schools, colleges, departments, and central offices on all three campuses. Each unit, school or college has a Security Unit Liaison (SUL), who coordinates the unit’s IT security activities.
Information Security Policy (SPG 601.27) establishes information security strategies and related responsibilities of schools, colleges, and departments (units).
Information and Infrastructure Assurance (IIA) coordinates the university-wide effort to appropriately protect IT resources and to enable secure education, research, and health care operations.
Internal Control Annual Certification Process. Requires unit leadership to certify level of compliance with particular security practice or process on an annual basis.
Responding to an IT Security Incident. Describes the U-M IT security incident response process.
Stewardship of IT Security Information. Defines IT security information as a type of sensitive data and describes related data stewardship considerations.