Information and Systems Security/Compliance

Director — David Kovarik 847-467-5930 david-kovarik@northwestern.edu

It is the mission of Information and Systems Security/Compliance (ISSC) to enable the University to conduct its business in a secure manner while achieving regulatory compliance and providing the controlled sharing of data. ISSC provides leadership and coordination in the development of policies, standards and access controls for the safe-guarding of University information assets. In addition, ISSC raises the University community's awareness of information security issues, promotes safe computing and manages the disaster recovery and business continuing planning activities for NUIT.

ISSC established the Information and Systems Security/Compliance Program, a strategic approach to ensuring the confidentiality, integrity, and availability of Northwestern University's information resources, and is actively engaging schools and departments in its implementation. As part of this effort, ISSC formed the Information Security Advisory Committee to provide guidance on the management of risk, assist in the development of policies and processes that result in secure solutions, and promote the best utilization of resources while maintaining a balance of service and security. In addition, ISSC established the Information Security Coordinator network, a cross-functional forum that assists in the coordination and performance of security-related activities. ISSC also leads the Information Security Incident Response Team (IRT), conducts security awareness sessions for departments and schools, and is the coordinator for annual information security self-assessments.