Information Security Policy Exception Management Process

  1. Policy Exception –Initial Request Form Complete and submit the online Initial Request form.
  2. Policy Exception Request Template (Word) - Download/Print this form to explain the details of your exception request.
  3. Compliance Risk Acceptance Form (PDF) - Part of the information security policy exception management process used to document any significant exception considered by the Review Committee. The form is designed to present the potential risk to the responsible department head, vice president and/or dean for their risk acceptance.


3rd Party Vendor Risk Assessment Process

  1. Vendor Assessment Form - Complete and submit the online form as the initial step in the vendor assessment process. This form will be used as part of the University Purchasing and RFP process to determine vendor access to University data.