Information Security Compliance

We serve as the university's resource for information security compliance and administer its information security compliance program.

Visit our site
Contact Us about

About Us

The Information Security Compliance Office (ISCO) oversees information security policies and standards; provides compliance oversight and risk assessments; coordinates information security efforts and incident response; and increases user awareness. Reporting to the Vice President for Risk, Audit, and Compliance, the ISCO works in conjunction with IT Enterprise Security, Audit Services, Institutional Compliance and officials in compliance areas such as GLBA, HIPAA, FERPA, PCI and Export Controls to maintain regulatory compliance and to protect the confidentiality, integrity and availability of University information assets.

Report an Information Security Incident

Information security is everyone's responsibility. To report a violation or suspected information security incident, contact the Information Security Compliance Office. You can also anonymously report any compliance violation or suspected incident via the 24-Hour Compliance Hotline at 1-877-852-1167.

Report an incident
Call the 24-Hour Compliance Hotline

Explore the Information Security Compliance Office

Learn more about our services and resources.
Information Security Compliance Program

Information Security Compliance Program

The primary goal of the information security compliance program is to protect the confidentiality, integrity and availability of University information assets.
Information Security Policies and Standards

Information Security Policies and Standards

Consistent University Information Security policies and supporting standards provide a common approach to compliance, regulatory and operational requirements.
Awareness and Training

Awareness and Training

A key component in the success of the university's Information Security Program is security awareness. We provide a variety of awareness and training resources.
Incident Reporting

Incident Reporting

Every user of University information resources has responsibility for the protection of information assets; certain offices and individuals have very specific responsibilities.
Tools and Resources

Tools and Resources

We provide services, tools and helpful information to assist you in complying with university policy and other state, federal and industry regulations applicable to your entity, program or department.
Vendor Assessment Process

Vendor Assessment Process

The vendor assessment process helps us ensure the security and protection of information resources, including sensitive data transmitted by, stored by or shared with a third party vendor.

Contact Us

Information Security Compliance Office

Department Website about

Phone

502-852-8305
502-852-0665

 

Location

University of Louisville
Louisville, Kentucky 40292

Hours

Monday – Friday 
8 a.m. – 4:30 p.m.
Closed Holidays

Email