Digital Risk Office
What is Digital Risk Management?
Digital risk management is a crucial component of the university's overall risk management strategy and involves identifying, assessing, and mitigating risks associated with the University of Illinois System's digital infrastructure. The term digital risk encompasses the challenges related to continuous change and increasing complexity in the system's operations, technology, and threat environments relating to cybersecurity, privacy, compliance, business continuity, ICT accessibility, and risk management.
The goal is to enhance the university's ability to engage in innovative academic, research, clinical, and administrative endeavors while managing these risks. Additionally, digital risk management promotes a culture of digital risk awareness and stewardship throughout the university, maintains partnerships with stakeholders, and guides policy development and implementation to ensure effective management of digital risks.
Scope of Responsibilities
Digital risk encompasses the challenges related to continuous change and increasing complexity in the University of Illinois System's operations, technology, and threat environments as they relate to:
- Cybersecurity
- Privacy
- Compliance
- Business Continuity
- ICT accessibility
- Risk management
The Chief Digital Risk Officer (CDRO) advocates for digital-risk management with responsibility for formulating strategy, and collaboration across the U of I System, bringing IT and non-IT units together to address organizational digital risk, executive metrics reporting, and management and oversight of shared digital risk services. The digital risk office partners with the U of I System IT, Cybersecurity offices, and other stakeholders to establish shared services to achieve economies of scale while allowing the functions within the universities, hospital, and system offices to focus on execution, operations, and organizational-specific needs.
Digital Risk Office is:
Innovator
Engages in innovative academic, research, clinical, & administrative endeavors by leveraging its digital assets while managing its digital risks.
Teacher
Promotes a culture of digital risk awareness & stewardship to ensure the integrity of its vast digital assets and information.
Advisor
Advises the President, Chancellors, CIOs, and others on risks & mitigation as it relates to IT, privacy, & cybersecurity.
Partner
Maintains partnerships with stakeholders from academic, research, healthcare, business, risk, administration, IT, privacy, & security areas.
Policy Maker
Guides system-level policy development and implementation in all areas concerning digital risk.
Digital Risk Process
All the activities presented here might be performed sequentially or simultaneously, as the need arises, and are augmented by a strong risk culture that promotes the efficacy of these actions.