Office of Information Security

Information Security policies are formal statements that specify a set of rules that all users must follow when gaining access to UC’s information and information systems. 

• Governance and Compliance: establishing guiding policies, standards, guidelines, and procedures, guided by regulatory compliance and data security.
• Education and Awareness: offering Campus Roadshows, training events, Cybersecurity Awareness Month, Paper shred events and on demand training.
  
• Risk Management: by mitigating vulnerabilities through vendor risk assessments, risk mitigation guidance, technology procurement reviews, and risk acceptance documentation.
  
• Incident Response and Forensics: Rapid, effective solutions to security incidents for minimal disruption. Includes logging and monitoring, digital forensics, investigations, and a student lead SOC.
  
• Security Operations: supporting enterprise security tools and technology to include, but not limited to: multi-factor authentication, anti-virus, password manager, encryption and SSL certificates.
  

The OIS is committed to ensuring a secure, connected, and personalized tech environment for everyone at the University of Cincinnati. Our mission is to safeguard UC's digital future with proactive security, ongoing engagement, and adherence to top infosec practices.

For access to Security Review documentation, Risk Assessment Forms, and other related materials please visit Bearcats Landing.