The IT Division provides a number of assurance activities to the Laboratory, in both its oversight role for IT and its role as service provider.
As a service provider, we are responsible for providing assurance that our systems are working as intended. Monitoring tools such as those that check our availability, combined with reviews, oversight by our institutional committees, and customer service and strategic surveys, help us to provide assurance that we are doing what we say we are.
In its oversight role, the Computer Protection Program and Office of the CIO provide various forms of assurance to the University and DOE that cyber security and IT throughout the Laboratory are being appropriately managed. Techniques such as self-assessments, peer reviews, ongoing technical testing, and incident analysis help us to provide this institutional assurance.
The Cyber Security Program Plan lays out the key institutional assurance mechanisms for cyber security.
Fiscal Year 2014 Assurance Plans and Reports
Archived Assurance Reports
Cyber Security Scorecard: FY09Q1 Performance