Skip to content
Tools & Services

Third-Party Risk Management

As part of Third-Party Risk Management, GRC will review the privacy and security compliance posture of all contracts and purchases related to university data. 

Offered by
Governance, Risk and Compliance
Contact
securitysupport@illinois.edu
Cost
Free, available upon request; required for purchases involving university data

Our aim is to serve as a “concierge” service to help you navigate the myriad of compliance requirements that might apply to your project. 

  • If your project will result in a purchase that will store, collect, access, create, manage, process, or transmit university data, engage the GRC process at the beginning of the project to help avoid implementation delays.
  • To begin, fill out the Initial Risk Assessment (http://go.illinois.edu/vendorrisk) to provide information about your project.

Vendor cooperation is by far the primary determining factor as to how long a review takes. You may be able to speed things up by taking an active role to ensure your vendor is responsive to the needs of the process.