Information Technology Risk Management Services

Assessment of IT risk and risk minimization advice

CUIT's Office of the Chief Information Security Officer conducts information technology risk assessments of Columbia's systems and applications, and advises on risk mitigation strategy. IT controls and processes can be evaluated across multiple platforms and technologies. The department will also assess your compliance with security best practices and Columbia University policies and standards, and can track your corrective actions and remediation efforts.

Services include:

  • Security evaluation for IT projects and System Development Life Cycle (SDLC)
  • Assessment of external IT services/software for IT risks and security recommendations
  • Holistic IT risk assessments of security and controls for applications, systems, and infrastructure  
  • IT vendor security assessment for vendor services and controls recommendations (as needed)
  • Risk remediation recommendations and tracking