Information assurance is a shared responsibility, and every member of the U-M community has an important role to play. ITS Information Assurance (IA) staff members work with Security Unit Liaisons (SULs) across the university to coordinate and leverage university information assurance activities to meet unit requirements and support unit missions. IA works to secure the University of Michigan.
For a summary of IA support for U-M unit's see the Information Assurance for U-M and Your Unit brochure (PDF).
ITS Information Assurance Office
The ITS Information Assurance Office:
- Directs IT security, policy, compliance, privacy, enterprise continuity, and identity and access management (IAM) strategy across the entire university.
- Proactively mitigates IT security risks in partnership with U-M's campuses—UM-Ann Arbor, UM-Dearborn, UM-Flint, and Michigan Medicine.
- Collaborates with U-M units to:
- Develop university IT security, privacy, and IAM strategy.
- Implement best practice security, privacy, and IAM infrastructure and protocols.
- Takes a risk-based approach to securing the university’s most sensitive information assets that enables teaching, learning, research, and healthcare in a large open environment.
- Provides operational information assurance and IAM services that enable the university to excel in its research, teaching, and patient care missions
- Provides guidance to the entire university community on IT security and privacy compliance best practices to help individuals protect university systems and data, as well as their own personal information.
U-M Security Posture
The university embraces a risk-based security posture. That is, we work from a cybersecurity risk management framework that incorporates best practices for protecting U-M’s critical IT infrastructure and data assets. We focus our IT security efforts on areas of greatest risk and expect all members of the university to share in the responsibility for information security.
- U-M IT Security Posture (U-M login required). This document provides details about the university's security posture that members of the university community can use when working with granting agencies, vendors, and others who require this information.
Information Assurance Capabilities
IA provides some capabilities to the university at large and makes additional services available on request. In addition, IA provides IT security and privacy guidance, best practices, and information.
- Key capabilities are listed at Information Assurance Capabilities.
- To request services from IA, ask questions, make suggestions, or share concerns, work with your unit's Security Unit Liaison (SUL) or contact us through the ITS Service Center.
We secure the U-M environment by balancing security and openness, which is a hallmark of academic institutions. Over the years, we have remained committed to protecting the U-M culture, values, and belief in privacy, academic freedom, and free thought and expression.