Information Security Checklist and Requirements

When procuring goods or services for the university that require contractors / suppliers to access our protected level data they must acknowledge that they will comply with our security requirements. The attached Security Data Requirements Checklist will enable departments to assess their procurement types to determine if the security data requirements should be included in the contractual documents.

Contractors / suppliers would then need to acknowledge that they comply in accordance with the Security Data Requirements Exhibit.

The campus information security officer’s draft security plan is posted on their Web site, Information Security Plan.

These requirements are in section 3.15, “Procurement and Contracts Information Security,” referenced here: