The Privacy and Information Security Management (PrISM), SRS team’s mission is to reduce the risk of a privacy or information security breach impacting the UBC community, while enabling strategic risk acceptance in support of UBC’s strategic plan.
Privacy & Information Security
We provide the following services to the UBC community to fulfil this mission:
Privacy Impact Assessment (PIA)
Privacy Impact Assessment (PIA): Perform PIAs for new or existing projects / systems that are being substantially modified; thereby, fulfilling a legal requirement under FIPPA and better protecting the information in UBC’s custody.
Risk Assessments & Tools
Perform custom risk assessments / investigations into emerging, or prevalent risk areas to assist in better understanding and mitigating privacy and information security risk.
- Privacy Impact Assessment (PIA) helps identify and mitigate potential privacy and security issues related to all new or substantially modified systems, projects, programs or activities, thereby fulfilling UBC’s legal requirements.
- Application Risk Assessments (ARA) covers technical risk areas such as vulnerability management and privileged access.
- Operational Risk Assessments (ORA) focuses on risks relating to end-user handling of personal information
- Tailored Risk Assessments (if none of the above fit your needs)
- PIA Risk Classification Tool (EXCEL)
- Application Risk Assessment (EXCEL)
- Operational Risk Assessment (EXCEL)
- Privacy and Information Security Requirements & Risk Assessment (EXCEL)
- Implementation Checklist (EXCEL)
- Privacy & Security Solutions & Services Integration Checklist (WORD)
Privacy & Information Security Fundamentals Training
Nearly every UBC faculty and staff member has access to Confidential Information, including personal and payment card data. As the loss or disclosure of this information could be very harmful, it’s important for you to know how to protect it. The Privacy & Information Security Fundamentals Training is comprised of the following topics:
- Privacy & Personal Information
- Transmission & Sharing of Information
- Storage & Encryption of Information
- Working Remotely
- General Privacy & Information Security Tips
Undertake special projects to better identify, measure or mitigate key privacy or information security risks and provide (privacy and information security-related) consulting services to the community.
^ Back to Top