What We Do

It's said that "an ounce of prevention is worth a pound of cure." At OSU, we treat Governance, Risk, Compliance and Privacy as the ounce of prevention that stops information security problems before they have a chance to arise.

Our team ensures the protection and proper management of Oregon State University’s information assets and technology resources. We work to establish a secure computing environment by implementing and verifying appropriate security measures, addressing risks, and supporting compliance with regulatory requirements. We focus on categorizing information, determining appropriate security controls, and verifying their implementation to protect data, especially those with regulatory mandates such as Personally Identifiable Information (PII), Personal Health Information (PHI), and Controlled Unclassified Information (CUI). Through proactive strategies and collaborative partnerships, we help the university navigate the evolving landscape of information security.

Who We Are

We are committed to maintaining a secure computing environment at Oregon State University. Our mission is to protect the university's information assets while providing guidance, training, and support to the OSU community. We collaborate with various departments, programs, and initiatives to ensure compliance with security policies and procedures, and to proactively address potential security issues before they arise.

We provide:

• Risk management consultations for departments and research projects
• Vulnerability and configuration management services
• Vendor security management to assess third-party technology risks
• Research security support to ensure compliance with regulations
• Security awareness training and resources for the OSU community