In the Office of Information Security, our advising team collaborates with University departments and organizations on risk management practices for critical or high-risk information security assets.
To assist in this process, they have published an updated set of resources for the development and maintenance of a Security Plan.
These tools are intended to help your organization document security controls, delegate lines of responsibility and accountability, prepare for incident response, comply with Administrative Policy Statement 2.6, and more.
The updated documents and more information can be found under Resources
on the Security Plan web page.