Skip to main content
It looks like you're using Internet Explorer 11 or older. This website works best with modern browsers such as the latest versions of Chrome, Firefox, Safari, and Edge. If you continue with this browser, you may see unexpected results.

IT Service Catalog

Information Technology Service descriptions

Security Compliance Consulting

Security Compliance Consulting

Description: Security consulting for College projects, academic needs, third-party installations, cloud services, operating systems and databases.

Eligibility:  Staff and faculty

How to request:  ITS Help Request system

Initiated:  ITS Help Request; in response to an audit or 3rd party security review; or as part of a project with an approved ITS Project Charter

Availability:  Consulting available during normal business hours (8am – 5pm Monday through Friday excluding holidays and campus shutdowns.) Approved automated information security monitoring available 24x7.

Charges:  There is no charge for in-house resources. Complex security and compliance requirements may require 3rd party security resources for a fee

Features:

  • Consulting to ensure compliance with legal and policy requirements to reduce the risk of security breaches or data integrity issues. These requirements include Wofford security policy requirements, the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standards (PCI-DSS), the Federal Education Rights and Privacy Act (FERPA), and others.
  • Consultations arranged at a mutually agreeable time and may involve multiple meetings with project teams and/or data stewards.
  • Security architecture review and planning including secure network design, third party software reviews, and vendor access to the campus network
  • Works with the Director of Purchasing and Risk Assessment to ensure appropriate cyber-insurance and risk management.

Owner: Matt Fisher

Pre-requisites:

  •  Adequate power and network environment for security infrastructure

Delivery Channels:

  • Complete ITS Help Requests
  • Security plans and strategies
  • Consulting and Support

Service Targets:

  • Annual certification of compliance with the appropriate PCI-DSS level
  • Successful response to annual financial audit security questions
  • No security breaches requiring a cyber-insurance claim