Security Policy & Standards
If you've looked at the Information Risk Management Program (IRMP), you've probably noticed that it seem pretty complicated. That really shouldn't be a surprise when you think about the vast inventory and complexity of Ohio State’s information systems and assets.
The Enterprise Security group developed the Information Risk Management Program (IRMP) to manage information security risk for these information systems and assets. The program has a series of documents about information security and risk management to assist organizations in understanding the program and implementing strategies to manage information risk.