College/Unit Information Security Coordinators

The Ohio State IT Security Policy specifies the requirement for establishing security representatives from colleges, units, and campuses. The security representative, known as the Information Security Coordinator serves as the unit liaison with Digital Security and Trust for security-related matters and activities, and is responsible for the execution of Security activities in the College or Unit.


  • Primary point of contact for the implementation of the security framework in their unit
  • Attends monthly Information Security Coordinator meetings
  • Provides input and feedback on current and future security standards and initiatives
  • Ensures the review of internal processes, standards, guidelines, requirements, and practices
  • Coordinates unit-level efforts on regulatory compliance, including completion of annual surveys, assessments and Security strategies
  • Identifies unit security training needs and works with the unit training coordinator to ensure completion of training requirements
  • Facilitates the protection of institutional data collected in accordance with policies
  • Facilitates remediation, recovery, and reporting of  proven or suspected exposure or disclosure of protected information between unit and Digital Security and Trust
  • Ensures the organization has defined and staffed a privacy role, if required
  • Ensures communication of security information and reporting to the unit
  • Represents their unit during security process & product evaluations
  • Assists Digital Security and Trust’s development and delivery of security job aids and training documents
  • Facilitates the completion of internal infrastructure, systems and third party risk assessments as required by the security framework
  • Ensures Business Continuity and Disaster Recovery plans are created and tested
  • Facilitates reporting of security metrics to Digital Security and Trust
  • Coordinators in units covered by HIPAA regulations are the designated HIPAA Security Officer unless otherwise designated by unit leadership

Security Coordinator Skill & Training Requirements

Security Coordinators should meet the following requirements to best represent the Ohio State security practice and their unit:

  • Must hold a position within the unit empowered to address security-related issues and concerns
  • Must complete the Ohio State Institutional Data Policy Training
  • Completion of Risk Assessment Training, delivered by Digital Security Trust
  • Must be able to commit a minimum of 24 hours a month to the Security Coordinator role
  • Should have technical IT security experience
  • Should be familiar with unit IT practices

Units are asked to appoint Security Coordinators as a college and administrative office job duty. Replacement of the Security Coordinator appointed by the unit Leaders should be timely and gaps introduced by personnel changes should be kept to a minimum to ensure the unit is adequately represented in security conversations at all times.

Monthly Information Security Community Meeting

Virtual meetings are held regularly. To be added to the attendee list and receive meeting invitations, please send a request to

List of Current Coordinators