Revisions to ISO Policies: ISO-100 through ISO-1600
All-UA
Revisions to ISO Policies: ISO-100 through ISO-1600
To: All Campus/All University Employees, DCCs, Students
Compliance Office
Subject: Revisions to ISO Policies: ISO-100 through ISO-1600
Date: October 28, 2021
Form Notice of Proposed Policy Revision
University of Arizona
Notice of Proposed Policy or Policy Revision:
Information Security Office (ISO) Policies Package
(ISO-100 through ISO-1600)
Pursuant to the authority established by Arizona Board of Regents Policy No. 1-201, et seq., and the University of Arizona's policy on University Policy-making, the following action is proposed:
ADOPTION OF POLICY REVISION to ISO Policies 100-1600
SUMMARY:
The landscape of information security threats and vulnerabilities change constantly. Furthermore, constant changes at the University create the potential for different information security business impacts if a threat actor can exploit a vulnerability. Therefore, annual discussion and revision of University information security policy is needed to create balance between the University's information security risk tolerance and the University's actual information security risk. Additionally, for the University to continue to maintain Cyber Risk Insurance Policy coverage at industry standard premiums, several policy revisions were identified as being essential.
A copy of the revised policies are available at the University Policies website. Members of the University community are invited to submit written comments to policy@email.arizona.edu. All comments must be received by close of business on December 3, 2021.