Overview
Starting August 1, 2024, the OU IT Security Profile Summary, shared when a security assessment has been completed, is changing it’s look and feel. The image below provides an overview of what to expect in the new report format.
Introduction *NEW
The introduction section provides a summary of the assessment and instructions for you to follow.
Vendor Background *NEW
The vendor background section provides specific details about the vendor and product assessed, including the expiration date of the assessment.
Company Profile *UPDATED
The company profile section replaces the first page of the old Security Profile Summary report and provides specific attributes collected and tracked by OU IT. These attributes are used by other teams during the procurement process.
Key Risks
The key risks sections provides you with a list of security tasks. It is the responsibility of the Data Steward or Asset Administrator to review these risks and develop a plan to address them.
Assessment Summary
The assessment summary sections give an overview of the vendor's score and how it was calculated.
Remediation Summary
The remediation summary shows the improvement progress for any open risks.
Conclusion
The conclusion section provides links to the IT DR and Access Control Runbooks and IT Security Exceptions.
Evidence
The evidence used to generate this report section provides a list of data sources used to compile the security profile summary.
