Information Security Office

The Information Security Office (ISO) continuously strives for daily operational excellence to ensure the confidentiality, availability, and integrity of University of Utah information technology systems and data through exploitation of appropriate security resources and best practices.

The ISO team works in partnership with the University, as well as external entities, to help ensure that the University of Utah is exposed only to acceptable risks within its educational, research, patient care, and community outreach missions. Our responsibilities include:

    • Identifying and responding to incidents
    • Working with IT administrators to identify and contain security breaches, threats, and vulnerabilities
    • Coordinating the remediation of operational vulnerabilities across network and information systems processing environments
    • Conducting forensic data analysis
    • Recommending network and security device (IDS/IPS/Firewall) configuration changes
    • Performing security assessments and evaluations of penetration testing tools and procedures
    • Performing periodic vulnerability assessments across networks and attached systems, and providing results to system owners and leaders
    • Providing education and training on tools, technical vulnerabilities, etc., and advice on semailto:randy.arvay@utah.educurity trends and approved best practices

 

ISO Organizational Chart

Policy 4-004: University of Utah Information Security Policy

Visit the ISO website

 

Chief Information Security Officer: Randy Arvay, Ph.D.
UIT Information Security Office
The University of Utah
102 S 200 E, Suite 110
Salt Lake City, UT 84111

randy.arvay@utah.edu
801-213-3397

Last Updated: 5/16/17