Cyber Risk Review

What is the Cyber Risk Review?

Cyber Risk Mitigation Responsibilities, IU policy IT-28, ensures that the community works to “vigilantly mitigate cybersecurity risks, maximize physical security for IT systems, and minimize unacceptable risks to IT systems and data from natural disasters (collectively, 'Cyber Risks')".

Participating IT units at Indiana University have a UISO security analyst and a security engineer assigned to support the unit's continuous engagement in cyber risk mitigation and to assist with the Cyber Risk Mitigation Responsibilities policy (IT-28).

Learn more about Cyber Risk Review

Help! I have questions

If you have questions concerning IT-28, send an email to