Governance

 

The Cyber Security Programs are governed and guided through a formal multi-tiered structure, through the use of various committees. These committees function within their charters and are chaired by the appropriate Executive Manager:

 

Cyber Risk Management Group

  • The BSD Cyber Risk Management Group (RMG) evaluates cyber risks posed by information systems, including business practices,and determines whether the risk-benefit calculus is within the organization’s risk appetite and tolerance levels.

Privacy and Security Steering Committee

  • TBD

University of Chicago Audit Committee

  • The University of Chicago Audit Committee has the primary responsibility for establishing and maintaining a sufficient system of internal controls. Internal Audit will evaluate internal controls of the BSD adequacy, operating environment, and related accounting, financial and operational policies, and report the results accordingly.

University of Chicago Medical Center Audit Committee

  • TBD

 

Committee Name  Committee Charter
Cyber Risk Management Group  Cyber Risk Management Group Charter
Privacy and Security Steering Committee  Privacy and Security Steering Committee Charter
University of Chicago Audit Committee  University of Chicago Audit Committee Charter
University of Chicago Medical Center Audit Committee  University of Chicago Medical Center Audit Committee Charter