Security Exceptions
Request permission to operate a system, service, or product that cannot comply with information security policies and standards. While these exceptions may weaken protection of institutional information and IT resources, they are occasionally necessary.
Features
- Develop workarounds (compensating controls) for systems, services, or products that cannot comply with information security policies and standards
- Requests create formal documentation of exceptions to policy requirements
- Get permission from your unit’s leadership on accepting any risks involved
Support
Learn more about Security Policy and Compliance in the ITS Knowledge Base
Cost
Security Exceptions are provided at no cost
Requirements
- Campus units must follow a risk-based approach when requesting an exception to the security controls
- The head of your unit must approve the security exception request. Sometimes other approvals may be required
- In some cases, a risk treatment plan may be required. Our team may need to create this plan for you
Policy
IT Support
Search the knowledge base, browse IT guides, and open a support request.