Service Level Agreement: Information Security

Information Security

Service Level Agreement: Information Security (PDF)

• Incident Response - Advise on incident response process to minimize the threat of damage resulting from a breach of university data, in addition to notifying proper authorities when confidential data is involved.
• Forensics and Investigations - Forensic and investigation services by request of specific departments that have investigative authority.
• Risk Assessments - Security risk assessments based on established frameworks and best practices to help departments identify risks and reduce them to an acceptable level.
• Vendor Security Review - Assessment of technology solutions to identify risks associated with the vendor, technology, or how it will be used.
• Consulting - Advise departments on development of best security practices and controls to protect information technology assets.
• Training and Awareness - Structured educational training and awareness tailored to OHIO faculty, staff, and student employees.
  • IT Security Workshop - In-person training sessions provide a better general understanding of information security best practices, data protection, and regulation requirements.
  • Online IT Security Training - Online, self-paced training consisting of short videos and accompanying quizzes.
• Monitoring - Real-time network threat detection by analyzing university owned networks and systems.
• Information Security Policies and Practices - Develop university policies and standards to continuously protect and secure the institution's data and information resources as well as comply with and maintain legal and contractual requirements.