Communities of Practice for Information Security Standards

Information Assurance (IA) has set up joinable MCommunity groups to serve as communities of practice around implementation of the revised Information Security (SPG 601.27) policy and supporting standards. Use the communities of practice listed below to:

  • Access the collective wisdom and expertise of your U-M colleagues.
  • Ask questions of, or seek advice from, each other related to implementing and operationalizing a specific standard.
  • Share resources, success stories, and potential solutions to implementation barriers. 
  • Ask IA subject matter experts for interpretation, elaboration, or clarification related to a specific standard in a forum where others at U-M with similar job responsibilities and interests will also see the response and have the opportunity to add more insight and experience to the discussion.

Access, Authorization, and Authentication

Disaster Recovery and Backup

Data Disposal and Media Sanitization

Education, Awareness, and Training


Information Security Risk Management

Network Security

Physical Security

Secure Coding and App Security

Security Enterprise App Integration

Security Log Management

Third Party Vendor Security and Compliance

Vulnerability Management