A Research IT Security Plan is often required to ensure compliance with Data Use Agreements, contract/grant requirements, and/or because your project is dealing with highly sensitive data. The Research IT Security Plan is an internal document that is used to make sure research teams are following best practices when it comes to data security. As a general recommendation, please be as detailed as possible when filling out the document. A copy of the document can be found here. You will need to download a copy of the document in order to edit. Please email email@example.com if you need assistance.
1.) If using campus resources, contact your local IT support admin for assistance in filling out the document. If unknown, contact firstname.lastname@example.org to determine who your local IT support admin is.
2.) List out all data points collected and determine data classification.
3.) List out all services your data will touch – storage locations, collaboration tools, university-owned or personal computer/laptop, analysis software, etc.
4.) Submit completed Research IT Security Plan to email@example.com for review.
*Please note*, the Principal Investigator and the Technical Lead should not be the same person. The Technical Lead should be someone working under an IT job classification.