To implement the ITAP recommendations regarding information security and compliance, Dr. Frazier has asked Dr. Mike Conlon to lead an effort resulting in a single Office of Information Security and Compliance reporting directly to Dr. Frazier. The new office will serve all of UF and will include security professionals currently in multiple groups.

The new office will work closely with many other university offices including the Chief Privacy Officer, IT service providers at all levels, the Office of Audit and Compliance Review, the General Counsel, law enforcement, and many others to develop and maintain policy, perform risk assessments, develop training programs, respond to incidents, perform product evaluations and engage in compliance activities.

As part of this process, the university will establish a Chief Information Security Officer (CISO) position and a search will be conducted. As described in the ITAP report, the CISO will report to the CIO. The CISO will lead the efforts of the new Office of Information security and Compliance to improve UF.s ability to protect its information assets.

All security policies, procedures and standards remain in place as these changes are implemented.