Protecting U-M data and systems: Shared values and a community effort

Two men discuss something over a laptop in a lecture hall.
(Michigan Photography)

One of our shared values at the University of Michigan is to appropriately protect U-M systems and data. These shared values are embodied by the revised Information Security (SPG 601.27), which was approved in summer 2018.  

In 2019, ITS Information Assurance led six working sessions focused on assisting unit IT staff in planning for the implementation of a number of IT security standards that supplement and support SPG 601.27. The community engagement and collaboration with ITS’s partners across campus at these sessions is indicative of how we as a university community seek to appropriately protect U-M systems and data. 

At each working session, subject matter experts provided a brief walkthrough of two of the standards, which provide more detailed guidance on how to protect U-M systems and data. Session participants came from the Ann Arbor, Dearborn, and Flint campuses and Michigan Medicine to learn and ask questions about the policy and standards, and how they can implement them in their units. 

Feedback from these sessions is already helping ITS improve its guidance to and support for units. Audio recordings, slides, and session materials for all six working sessions are available at SPG 601.27 Implementation Presentations.

Staff members can learn about their role in implementing SPG 601.27 and can join one or more of the Communities of Practice for Information Security Standards to keep learning and contribute to the conversation. Units can request a presentation about the policy and standards from ITS Information Assurance by emailing