Office of Information Security Logo
Training and Services Logo

Risk Assessments

The foundation of the University's Information Security Program is its Security Risk Assessment.  The Security Risk Assessment is a requirement set forth by the University System Information Security Policy and Standards Section 3.1. It is our goal, that upon completing these Risk Assessments each Campus will be able to determine the acceptable level of risk and the security requirements for the system and its corresponding facility.

Policy Adherence

Policy Adherence relates to the controls that fall outside the scope of UMS Security Risk Assessments. IT, HR, and Information Owners will self assess to determine the degree to which they are complying with the UMS Information Security Policy and Standards. 

Incident Response

An immediate and thorough response to an Information Security incident is required by legislation and by the UMS Information Security Policy and Standards (Section 10).  This plan describes the overall UMS approach to responding to incidents, outlines procedures to be followed when an incident is discovered, and provides a foundation for campuses to build local plans.




Throughout the University System, faculty and staff handle a great deal of information every day including legally protected information. Students and others entrust the University System with their information.  It is important to keep updating our knowledge in order to keep up with new and evolving threats as well as regulatory requirements.

Monthly Security Notices

An archive of important notices from the home page.



16 Central Street Bangor, Maine 04401
Telephone: (207) 973-3201 | Fax: (207) 973-3296
Express Message: (207) 973-3399 | TTY Phone (24 Hours)(207) 973-3262