The CISO defines and reviews University-wide policies, procedures, standards, and functions spanning IT Governance, Network Security, Application Security, Risk Management, Identity and Access Management. 

The UCLA Information Security Office is a group that operates within UCLA IT Services and has campus-wide input and oversight on a variety of technical and policy matters relating to protecting the University's information resources. Broadly, the UCLA Information Security Office exists to facilitate the following:

• Security incident response planning and notification procedures
• Risk assessment strategies to identify vulnerabilities and threats to departmental information resources as well as major enterprise systems
• Executing a UCLA IT security plan, including recommending administrative, technical, and physical security measures to address identified risks relative to their sensitivity or criticality