Privacy & Information Security (PrISM)
The Privacy and Information Security Management (PrISM)-SRS team drives privacy and information security risk management and accountability, striving to protect information in UBC’s custody. We facilitate the identification and mitigation of privacy and information security related risks across the institution in collaboration with the Office of the University Counsel and UBC Cybersecurity. The core services include:
- Privacy Impact Assessment (PIA) and Security Threat Risk Assessment (STRA): Identifies and mitigates privacy and information security risk in projects
- Information Security Compliance Support: Helps identify information security gaps and drive improvement at an institutional level
- Online privacy & information security training: Training for all employees to increase awareness of risk and drive cultural change
Learn more about PrISM’s services:
Privacy Impact Assessment (PIA)
PIAs are for new or existing projects / systems that are being substantially modified and will need to fulfill the legal requirement under FIPPA to protect information in UBC’s custody and mitigate against privacy and information security risk.
Privacy & information security training
Nearly every UBC faculty and staff member has access to Confidential Information, including personal information or payment card data. As the disclosure of this information could be very harmful, you need to know how to protect it.
Compliance support program
The Compliance Support Program exists to communicate essential controls, clarify accountability for securing information systems, and support units in understanding their gaps so as to be able to develop plans and processes to improve security.
Other services
Undertake special projects to better identify, measure or mitigate key privacy or information security risks and provide (privacy and information security-related) consulting services to the community.