Definitions
Standard security controls that must be in place on all University-owned computing devices to ensure they are in compliance with University Policies. These include, but are not limited to, anti-virus software, password protection, and regular software updates.
A bridge letter is a letter from a vendor that attests to the continued validity and accuracy of the provided external assessment (no significant changes in their environment or threat landscape) between the report end date and the current date. UVA requires that a bridge letter may span no more than six months from the report end data and the date of UVA's request for an external assessment report.
Report an Information
Security Incident
Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.