Cyber Risk Review

What is the Cyber Risk Review?

Cyber Risk Mitigation Responsibilities, IU policy IT-28, ensures that the community works to “vigilantly mitigate cybersecurity risks, maximize physical security for IT systems, and minimize unacceptable risks to IT systems and data from natural disasters (collectively, 'Cyber Risks')".

Each IT unit will have a security analyst assigned to them to assist with IT Governance, Risk, and Policy Compliance.  The security analyst will serve as IT security consultant.  Security analysts will engage IT Managers and IT Pros in regular meetings as part of an ongoing program.  Personalized consultations will help units improve IT security practices, assist with risk assessments, and provide units with risk mitigation recommendations.

Learn more about Cyber Risk Review

IT-28 Inventory Tool instructions

  • Use this as a visual guide to using the IT-28 Inventory Tool

  • Access the IT-28 Inventory Tool

  • Contact to gain access to the IT-28 Inventory Tool.

Download the tool instructions

Help! I have questions

If you have questions concerning IT-28, send an email to