Welcome to the Data Security Compliance Program website for FAS!
We look forward to working with you on your Data Security Compliance needs and questions.

The Finance and Administrative Services Data Security Compliance Program (FAS DSCP) is part of the Enterprise Data Security Compliance Program to assist units in FAS to reduce IT security risk exposure by securing sensitive data and satisfying compliance requirements.

Security is a shared responsibility. 

All Workforce Members are responsible for ensuring the protection of Institutional Information and IT Resources. Understanding the risks, threats, costs and incidents associated with securing Institutional Information is a shared responsibility.

Our Current Events & Activities

Application Inventory - We are working gathering application inventory. If your unit is running an application not located in our database, please fill out the following form: Application Inventory. If you are not sure, please fill out this form and we will work with you - Report your application to the FAS DSCP.

Risk Assessment Cycle - We have completed a Risk Assessment of Applications in FAS and are now working to create remediation plans with system owners.

Application Risk Determination - We are worked with Enterprise DSCP to help develop the Inherent Risk Survey which labels applications at a LOW, MEDIUM, or HIGH risk rating. With this effort, we have identified a baseline of our applications' risk.

Training Reporting and Awareness - We help alert people in FAS of their IT security related trainings such as Cyber Security Awareness and System Administrator training.

UCSF Calendar Events

Wed
08

Office 365 Webinar: Education and Research

Date: April 8, 2020
Time: 12:30 am