Cyber Risk Mitigation Responsibilities, IU policy IT-28, ensures that the community works to “vigilantly mitigate cybersecurity risks, maximize physical security for IT systems, and minimize unacceptable risks to IT systems and data from natural disasters (collectively, 'Cyber Risks')".
Each IT unit will have a security analyst assigned to them to assist with IT Governance, Risk, and Policy Compliance. The security analyst will serve as IT security consultant. Security analysts will engage IT Managers and IT Pros in regular meetings as part of an ongoing program. Personalized consultations will help units improve IT security practices, assist with risk assessments, and provide units with risk mitigation recommendations.