How does the Office of Compliance Services – Information Security oversee information security compliance?
A number of things we do:
Review and help revise the UCLA Health System policies, procedures and guidelines to define what information needs to be protected and how.
Develop educational materials and provide training.
Coordinate with ISS Risk Assessors to work with departments and business units to perform security assessments, evaluate risks, and develop remediation plans to reduce the risks.
Investigate security incidents
Perform auditing and monitoring of compliance with information security laws, regulations, policies and procedures