Summary
This article explains how to request a Data and Technology Risk Review to ensure compliance with cybersecurity, technical, and legal standards before completing technology purchases, renewals, or contract updates.
Body
Topics Answered in this Article
What steps are required for the IT security review before a renewal?
Where do I submit the Data and Technology Risk Review?
Do I need approval from IT before updating a software agreement?
I need to submit the new contract.
Where is the new IT Questionnaire for software and contract renewals?
Overview
This article explains how to request a Data and Technology Risk Review to ensure compliance with cybersecurity, technical, and legal standards before completing technology purchases, renewals, or contract updates.
How to Request a Risk Review
- Complete the IT Security Review: Submit Data and Technology Risk Review request.
- Await IT Security Approval: The IT security team will review your submission and may request additional details. Once approved, you will receive an email confirmation.
- Upload Approval with Contract: Attach the IT security approval email to your contract in Agiloft.
Additional Details
The Data and Technology Risk Review service request is used by the Cybersecurity Governance, Risk, and Compliance team to evaluate technology purchases, changes, renewals, contract terms, data integrations, and other requests. The goal is to ensure compliance with technical, cybersecurity, and legal standards. This process helps identify whether the request involves sensitive or critical business data/services and ensures that appropriate controls are in place to reduce risk to the University. A key stakeholder from the business unit responsible for the technology or service should complete this intake form.