Secure UD Toolkit
IT provides tools to assist unit heads in planning and managing their unit's IT-related risk and information security. Each of the following tools is designed to satisfy and/or work in conjunction with the requirements of the Secure UD Data Governance & Security Program (Secure UD DGSP). Units may contact IT for assistance with understanding and implementing these tools.
The Secure UD Toolkit bundles together essential IT security documents and tools. It's designed to give unit heads an easy way to get started with Secure UD and continually improve their unit's security posture.
For more information about how to get your unit started with Secure UD and the Secure UD Toolkit, read the unit guide to managing data risks and contact IT Security for a consultation.
A University of Delaware login is required to download the Secure UD Toolkit.
Contents
The Secure UD Toolkit contains the following tools:
Tool
Description
Download
The University's comprehensive plan for information security and risk management. This document includes an explanation of the University's risk management framework and the administrative, operational, and technical security controls for securing IT resources.
Last updated: 28 February 2018
Current version: v1.10
A lightweight, streamlined assessment tool that helps you evaluate, understand, and improve your unit's information security posture. Includes a survey, instant compliance and risk report, and risk management strategy template to assist you with planning and measuring your unit's security efforts.
Last updated: 30 May 2018
Current version: v1.11
Units that handle Protected Health Information (PHI/ePHI) and are covered entities under HIPAA, or that handle cardholder information subject to the Payment Card Industry Data Security Standard (PCI DSS), should complete the Secure UD Risk Assessment Tool instead of the Secure UD CARS.
A tool to assist you in evaluating and managing risks to your unit's data. Includes a data survey, assessment, instant risk report, and risk management strategy template to assist you with managing your unit's data risks.
Last updated: 30 May 2018
Current version: v1.00
The Secure UD RAT is recommended as a replacement for the Secure UD CARS for units with highly sensitive data subject to laws and regulations. It includes a HIPAA and PCI DSS specific assessment templates.
Units that are required by law or regulation to complete risk assessments should perform a full risk assessment (usually with the assistance of an independent assessor) every 3-5 years. The Secure UD RAT should be completed in the interim years to assist with continued risk management without the operational strain of a full audit.
A tool to assist you with creating and maintaining your unit's information security plan, which lays the groundwork for managing your unit's information risk.
Last updated: 28 February 2018
Current version: v1.10
A written agreement that documents the responsibility of each end user to appropriately manage the IT resources in their care.
Last updated: 28 February 2018
Current version: v1.00
Secure UD Contractor Confidentiality Agreement
A written agreement that documents the responsibility of contract personnel to appropriately University information as they provide services to the University.
Last updated: 28 February 2018
Current version: v1.00
