Policies and Compliance
Sidebar
Policies and procedures make the backbone of a cybersecurity program. It’s where we all arrive at a consensus to say, “this is what we believe is necessary to protect our community.” By putting these agreements in writing, we can establish standards, come up with procedures and follow compliance with regulations. It makes a pathway for dialogue and provides guidance for exceptions.
Information Security Office establishes UofL's Information Security Policies and Procedures. We encourage you to bookmark the The University of Louisville Policy and Procedure Library for reference.
Reporting
If you think you may need to report misconduct or non-compliance, the university has made available two ways to report observed or suspected misconduct. That includes noncompliance with laws or university policies, procedures and events negatively affecting the confidentiality, availability and integrity of UofL data. Reporting early can help prevent security incidents.
Anonymous Reporting
- Report anonymously via the Compliance Hotline. This is a third-party vendor that UofL has for anonymous reporting. You may call the Compliance Hotline toll-free at 877-852-1167. A trained risk specialist will document your information and generate a written report to the University Integrity and Compliance Office for follow-up.
- You may also write and submit an online report at the same third-party vendor.
- You can also send mail to UofL's Compliance office: University Integrity and Compliance Office, 215 Central Avenue, Suite 205, Louisville, KY 40208.
Non-anonymous reporting
- You may speak with your supervisor or the university compliance official who has oversight authority for the policy or law.
- For all cybersecurity incidents, contact secureit@louisville.edu. For data privacy and breach related incidents, contact isopol@louisville.edu. You may also contact the Helpdesk at 502-852-7997, or online.