The Cyber Security Programs are governed and guided through a formal multi-tiered structure, through the use of various committees. These committees function within their charters and are chaired by the appropriate Executive Manager:
Cyber Risk Management Group
The BSD Cyber Risk Management Group (RMG) evaluates cyber risks posed by information systems, including business practices, and determines whether the risk-benefit calculus is within the organization’s risk appetite and tolerance levels.
Privacy and Security Steering Committee
University of Chicago Audit Committee
The University of Chicago Audit Committee has the primary responsibility for establishing and maintaining a sufficient system of internal controls. Internal Audit will evaluate internal controls of the BSD adequacy, operating environment, and related accounting, financial and operational policies, and report the results accordingly.
University of Chicago Medical Center Audit Committee
|Committee Name||Committee Charter|
|Cyber Risk Management Group||BSD-Cyber-Risk-Management-Group-Charter|
|Privacy and Security Steering Committee||Privacy and Security Steering Committee Charter|
|University of Chicago Audit Committee||University of Chicago Audit Committee Charter|
|University of Chicago Medical Center Audit Committee||University of Chicago Medical Center Audit Committee Charter|