Information Security & Assurance (ISA)

ISA supports the following activities:

Safeguarding UA's digital assets, data, and networks from potential cyber threats and attacks.
Implement and maintain robust security measures to protect against unauthorized access, data breaches, malware, and other security risks.
Conduct regular assessments to identify vulnerabilities in systems, applications, and infrastructure and then develop and deploy appropriate solutions to address these weaknesses.
Educate staff, faculty, and students about cybersecurity best practices and ensuring compliance with relevant security policies and regulations.
Maintain the confidentiality, integrity, and availability of UA's sensitive information and technology infrastructure.

About Us

Our Team, Governance, Opportunities to get Involved

Learn More

Documentation

Program Information, Standards, and Supporting Content

View Docs

Our Services

View and Request Services from our Interactive Service Catalog

Service Catalog

Security Matters

Be a part of the solution!

Learn More

Our Portfolio

Information Security and Assurance has a broad responsibility in support of UA.

Data Privacy & Compliance

Facilitates institutional efforts around data privacy and data-focused compliance. This includes third-party data privacy incident management, contractual and regulatory compliance review and assessment activities, etc.

Governance & Strategic Planning

We appreciate active engagement from our constituents, and governance groups provide one such opportunity. Strategic planning efforts link ISA plans, goals, and objectives with those of the larger IT groups and with the University System as a whole.

Identity & Access Management

Supports selected activities related to account onboarding/offboarding, lifecycle management, privilege management, single-sign-on, multi-factor authentication, privileged account management, federation (InCommon/eduRoam), etc.

IT Risk Management

Leads institutional efforts around IT risk management, conducts routine and ad hoc assessments, coordinates risk registers and remediation activities, facilitates third party/vendor risk management efforts, etc.

Records & Information Management

Provides system-wide guidance on records retention and disposition for both physical and electronic records, supports enterprise content management platform, etc.

Security Operations & Incident Response

Coordinates system-wide security tool deployment and management, administers centralized security tools, facilitates incident response and things like DMCA complaints, legal holds, HR investigations, etc.

Office of Information Technology

Information Security & Assurance (ISA)

ISA supports the following activities:

Safeguarding UA's digital assets, data, and networks from potential cyber threats and attacks.

Implement and maintain robust security measures to protect against unauthorized access, data breaches, malware, and other security risks.

Conduct regular assessments to identify vulnerabilities in systems, applications, and infrastructure and then develop and deploy appropriate solutions to address these weaknesses.

Educate staff, faculty, and students about cybersecurity best practices and ensuring compliance with relevant security policies and regulations.

Maintain the confidentiality, integrity, and availability of UA's sensitive information and technology infrastructure.

Our Portfolio

Information Security and Assurance has a broad responsibility in support of UA.