Information Security Compliance

We serve as the university's resource for information security compliance and administer its information security compliance program.

About Us

The Information Security Compliance Office (ISCO) oversees information security policies and standards; provides compliance oversight and risk assessments; coordinates information security efforts and incident response; and increases user awareness. Reporting to the Vice President for Risk, Audit, and Compliance, the ISCO works in conjunction with IT Enterprise Security, Audit Services, Institutional Compliance and officials in compliance areas such as GLBA, HIPAA, FERPA, PCI and Export Controls to maintain regulatory compliance and to protect the confidentiality, integrity and availability of University information assets.

Report an Information Security Incident

Information security is everyone's responsibility. To report a violation or suspected information security incident, contact the Information Security Compliance Office. You can also anonymously report any compliance violation or suspected incident via the 24-Hour Compliance Hotline at 1-877-852-1167.

Explore the Information Security Compliance Office

Learn more about our services and resources.
Information Security Compliance Program
The primary goal of the information security compliance program is to protect the confidentiality, integrity and availability of University information assets.
Information Security Policies and Standards
Consistent University Information Security policies and supporting standards provide a common approach to compliance, regulatory and operational requirements.
Awareness and Training
A key component in the success of the university's Information Security Program is security awareness. We provide a variety of awareness and training resources.
Incident Reporting
Every user of University information resources has responsibility for the protection of information assets; certain offices and individuals have very specific responsibilities.
Tools and Resources
We provide services, tools and helpful information to assist you in complying with university policy and other state, federal and industry regulations applicable to your entity, program or department.
Vendor Assessment Process
The vendor assessment process helps us ensure the security and protection of information resources, including sensitive data transmitted by, stored by or shared with a third party vendor.

Contact Us

Information Security Compliance Office

Department Website about

Phone

502-852-8305
502-852-0665

 

Location

University of Louisville
Louisville, Kentucky 40292

Hours

Monday – Friday 
8 a.m. – 4:30 p.m.
Closed Holidays