Search Information Security site


Main menu

Information Technology Policy & Compliance

The Information Technology Policy & Compliance team within InfoSec is responsible for developing information technology policies, standards, and procedures and ensuring compliance with those policies. This team conducts information security reviews of all new projects involving the use or storage of highly sensitive UVA data, responds to UVA policy exception, Shibboleth (NetBadge), and business continuity information access requests, and oversees annual risk management assessments for all departments and other unit areas within the University.  The IT Policy and Compliance group provides support to departments, guiding them towards compliance with UVA information technology resource policies

• Security Education & Awareness conducts all information security education and outreach programs such as employee awareness training, speaker series, phishing simulation exercises, and awareness marketing.

This team can be reached by sending an email to [email protected].


Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.

Complete Report Form