Exception Requests

There are few circumstances where there could be requests for non-encryption of certain devices, disabling of firewall filtering, etc. The requests are classified as miscellaneous exception requests and are handled by UMIT Risk Assessment team on an individual basis.

The exception request process is as follows:

  1. The requestor opens a ServiceNow request with the objectives and assigns it to the “Security Compliance” Team.
  2. The Security and Compliance team member reviews the request and performs an assessment of the request.
  3. If further information is required, the Security team member contacts the requestor for such information.
  4. After collecting the required information the Security team, a member performs a comprehensive assessment of the request and provides a decision to the requestor.