Information Security Services

Overview

Information Security Services support the Information Security Plan which is developed collaboratively through the Office of Information Security governance bodies.

Offerings

• Incident Management & Response - Provides coordination and reporting responsibility for information security incidents that represent a material risk to the University as well as support to Schools and Centers upon request for general security incident response practices
• Security Consultations - Supports common information security needs including vendor risk management and Splunk analysis
• Training & Awareness - Offers formal and informal training and awareness events, programs, courses and materials on information security
• Vulnerability Scanning - Relies on industry standard tools to examine computing devices for known vulnerabilities and weaknesses

Benefits

• Support of due diligence and best practices
• Compliance with legal and regulatory standards
• Identification of potential security issues for preventative remediation
• Support of technical and application development efforts involving computer data security and integrity issues

Who Can Benefit from This Service

University faculty, staff, students, affiliates, guests, and UPHS

Additional Information and Resources

• Office of Information Security
• IT Security Policy
• Computer Security Incident Handling
• Reporting Concerns to Penn Office of Information Security
• Chain of Custody Form
• Office of Audit, Compliance, and Privacy
• Office of the General Counsel