Security, Identity and Access Management & Enterprise IT Risk Management

Responsibilities of the Office of the CISO

The CISO defines and reviews University-wide policies, procedures, standards, and functions spanning across IT Governance, Network Security, Application Security, Risk Management, Identity and Access Management, and Global Centers Information Security. The CISO also promotes campus wide security awareness and culture (through participation in technology deployments, trainings, presentations, meetings, and communications with various stakeholders).

  • Monitors network for signs of compromised systems
  • Investigates security violations
  • Liaises with law enforcement, Office of General Counsel, Deans
  • Manages login services
  • Manages user account provisioning
  • Manages user entitlement and privileges
  • Supports the physical security system
  • Manages security and access to the HR (PAC) and Finance (ARC) mainframe systems
  • Manages security policies, standards, and guidelines
  • Manages security awareness program
  • Administers RSAM program management
  • Performs data security risk assessments of managed central systems and non-managed systems
  • Provides security and network oversight
  • Provisions access to systems

Security Training

Security Training is available in a variety of formats to fit the needs of the various Columbia communities.

Security Awareness Presentations

Providing group presentations on current security threats confronting Universities as well as tips to maintain safe work and personal online presence.

Online Security Training

Columbia Security Training is available to all faculty, staff and students with UNI.

Note: CUMC requires mandatory annual HIPAA and CUMC Security Essentials training.

Web Developer and Application Developer Training

Hosting training courses targeted to instruct on secure web development best practices and to teach how hackers think.

IT Policy Training

Providing "lunch and learn" presentations for all staff to better understand the University’s policies and how our policies impact all employees.

Orientation Training

New Student and New Employee security awareness onboarding presentations are provided to Schools and departments upon request.

System Administrator Training

Hosting training courses targeted to instruct on secure system administration setup and security best practices.

Our Services

    Location

    Studebaker Building, 5th Floor
    615 West 131st Street
    New York, NY 10027