
Rutgers Risk Management Program

Information Security Risk Management Program

The Information Security Risk Management Office protects the institution’s data, digital assets, and research through a structured, multi-tiered framework for identifying, assessing, mitigating, and monitoring information security risks. Aligned with federal, state, and industry regulations, the office supports Rutgers’ mission by enabling students, faculty, staff, and partners to achieve their goals while minimizing cybersecurity threats.

Using established industry frameworks and methodologies, the Information Security Risk Management team performs threat and vulnerability analyses and conducts ongoing assessments to identify potential risks. These risks are evaluated based on likelihood and impact, aligned with compliance requirements, and addressed through safeguards such as encryption, two-factor authentication, and endpoint protection. Continuous monitoring of risk and vulnerabilities, attack surface management, and third-party security assessments further strengthen the university’s cybersecurity posture.

The Information Security Risk Management program is dedicated to continuous improvement, proactively adapting to emerging threats and evolving technologies. This vigilance enables the university community to innovate and collaborate with confidence, knowing their information is protected by an agile, best-in-class security framework.

Information Security Risk Management services
Our Information Security Risk Management program offers a comprehensive suite of security assessments, each designed to provide Rutgers with clear insight, actionable guidance, and measurable risk reduction. The deliverables provided across every assessment include:

  • Executive summary for leadership
  • Detailed technical risk report with risk matrix and risk ratings
  • Risk intelligence for effective remediation
  • Continued follow-up for ongoing risk monitoring and risk remediation

Information Security Risk Management Services

Empowering the university community to innovate and collaborate with confidence

Third-Party Risk Assessment

Assess security posture and provide remediation plans

Vendor Recertification (Health Check)

Monitor ongoing compliance and early-warning alerts

Vulnerability Assessment

Scan and test networks, servers, and endpoints

Data Security Assessment

Evaluate data flows and controls

Cloud Security Assessment

Review IaaS, PaaS, and SaaS environments to identify misconfigurations

Risk assessment process

Learn more about the different phases of a risk assessment project, such as data classification and asset evaluation, reporting, and recommending mitigation strategies.

Frequently asked questions (FAQ)

Learn more about the assessment process, like when to engage the Information Security Risk Management Office and what happens during and after the process.

Request services

Whether you’re launching a new application, onboarding a vendor, or need a quick security consult, the Information Security Risk Management team is ready to help.