Cyber Risk Mitigation Responsibilities, IU policy IT-28, ensures that the community works to “vigilantly mitigate cybersecurity risks, maximize physical security for IT systems, and minimize unacceptable risks to IT systems and data from natural disasters (collectively, 'Cyber Risks')".
Participating IT units at Indiana University have a UISO security analyst and a security engineer assigned to support the unit's continuous engagement in cyber risk mitigation and to assist with the Cyber Risk Mitigation Responsibilities policy (IT-28).