Business Office & Human Resources
Ways we help
To request assistance with any of these, please email email@example.com
Purchase and Contract Review
Engage the Governance, Risk and Compliance team early on when your unit makes a technology purchase so that implementation plans and timelines are not sidetracked. We offer a suite of services to help purchasers navigate the world of legal, contractual, and university requirements for Privacy and Security compliance.
Risk acceptance/acknowledgement process facilitation
Registered risk acceptance with the Chief Privacy and Security Officer, 1 year duration
Risk assignment process
Risks accepted in defacto documented (gap report, risk report, recommendations, and assignment documentation) assigned/presented to unit executive(s); applicable data stewards or overriding authorities also receive notification and reports.
Risk assessment / compliance review & reporting
The team can provide a written review, gap report and recommendations
Job AidData Classification Flowchart
Understand more about how to identify and handle different types of data.
Tools & ServicesBox High Risk Folders
Box High Risk Data Folder (BHRDF) is capable of securely storing approved types of High Risk Data.
Tools & ServicesThird-Party Risk Management
As part of Third-Party Risk Management, GRC will review the privacy and security compliance posture of all contracts and purchases related to university data.