The Information Security Policy Exception form allows a school or unit to request an exception to an Information Security related Policy or Standard with appropriate compensating controls and supporting documentation to address circumstances where strict compliance cannot be met with reasonable efforts or would significantly impair the educational, research, business, or service missions of the university.
The form is used to manage non-compliance and to define the organization's requirements for enforcing effective policy exception management and is submitted to the Information Security Office for approval or denial based on the risk it poses to the organization.
Available to
Cost
N/A
How to Request Service
Click the "Request Service" button to the right.