{"id":2008,"date":"2017-07-11T14:54:22","date_gmt":"2017-07-11T19:54:22","guid":{"rendered":"https:\/\/www.wisconsin.edu\/uw-policies\/?page_id=2008"},"modified":"2017-08-09T07:54:12","modified_gmt":"2017-08-09T12:54:12","slug":"information-security-compensating-control-request","status":"publish","type":"page","link":"https:\/\/www.wisconsin.edu\/uw-policies\/information-security-compensating-control-request\/","title":{"rendered":"Information Security Compensating Control Request"},"content":{"rendered":"<script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\nvar gform;gform||(document.addEventListener(\"gform_main_scripts_loaded\",function(){gform.scriptsLoaded=!0}),document.addEventListener(\"gform\/theme\/scripts_loaded\",function(){gform.themeScriptsLoaded=!0}),window.addEventListener(\"DOMContentLoaded\",function(){gform.domLoaded=!0}),gform={domLoaded:!1,scriptsLoaded:!1,themeScriptsLoaded:!1,isFormEditor:()=>\"function\"==typeof InitializeEditor,callIfLoaded:function(o){return!(!gform.domLoaded||!gform.scriptsLoaded||!gform.themeScriptsLoaded&&!gform.isFormEditor()||(gform.isFormEditor()&&console.warn(\"The use of gform.initializeOnLoaded() is deprecated in the form editor context and will be removed in Gravity Forms 3.1.\"),o(),0))},initializeOnLoaded:function(o){gform.callIfLoaded(o)||(document.addEventListener(\"gform_main_scripts_loaded\",()=>{gform.scriptsLoaded=!0,gform.callIfLoaded(o)}),document.addEventListener(\"gform\/theme\/scripts_loaded\",()=>{gform.themeScriptsLoaded=!0,gform.callIfLoaded(o)}),window.addEventListener(\"DOMContentLoaded\",()=>{gform.domLoaded=!0,gform.callIfLoaded(o)}))},hooks:{action:{},filter:{}},addAction:function(o,r,e,t){gform.addHook(\"action\",o,r,e,t)},addFilter:function(o,r,e,t){gform.addHook(\"filter\",o,r,e,t)},doAction:function(o){gform.doHook(\"action\",o,arguments)},applyFilters:function(o){return gform.doHook(\"filter\",o,arguments)},removeAction:function(o,r){gform.removeHook(\"action\",o,r)},removeFilter:function(o,r,e){gform.removeHook(\"filter\",o,r,e)},addHook:function(o,r,e,t,n){null==gform.hooks[o][r]&&(gform.hooks[o][r]=[]);var d=gform.hooks[o][r];null==n&&(n=r+\"_\"+d.length),gform.hooks[o][r].push({tag:n,callable:e,priority:t=null==t?10:t})},doHook:function(r,o,e){var t;if(e=Array.prototype.slice.call(e,1),null!=gform.hooks[r][o]&&((o=gform.hooks[r][o]).sort(function(o,r){return o.priority-r.priority}),o.forEach(function(o){\"function\"!=typeof(t=o.callable)&&(t=window[t]),\"action\"==r?t.apply(null,e):e[0]=t.apply(null,e)})),\"filter\"==r)return e[0]},removeHook:function(o,r,t,n){var e;null!=gform.hooks[o][r]&&(e=(e=gform.hooks[o][r]).filter(function(o,r,e){return!!(null!=n&&n!=o.tag||null!=t&&t!=o.priority)}),gform.hooks[o][r]=e)}});\n\/* ]]> *\/\n<\/script>\n\n                <div class='gf_browser_gecko gform_wrapper gform_legacy_markup_wrapper gform-theme--no-framework' data-form-theme='legacy' data-form-index='0' id='gform_wrapper_24' >\n                        <div class='gform_heading'>\n                            <p class='gform_description'><\/p>\n                        <\/div><form method='post' enctype='multipart\/form-data'  id='gform_24'  action='\/uw-policies\/wp-json\/wp\/v2\/pages\/2008' data-formid='24' novalidate><input type=\"hidden\" name=\"uwsa_form_blog_id\" id=\"uwsa_form_blog_id\" value=\"246\">\n                        <div class='gform-body gform_body'><ul id='gform_fields_24' class='gform_fields top_label form_sublabel_below description_below validation_below'><li id=\"field_24_1\" class=\"gfield gfield--type-html gfield_html gfield_html_formatted gfield_no_follows_desc field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><h5>Requesting a Compensating Control for an Information Security Procedure<\/h5>\n<p>The UW System information security procedures contain provisions that allow for the UW System CIOs to propose compensating controls for mandatory information security measures that they deem are too difficult or impractical to implement. A compensating control is an alternative data security measure that is designed to satisfy the intent and rigor of the original control.  To propose a compensating control, the institution CIO should answer the following questions.<\/p><\/li><li id=\"field_24_8\" class=\"gfield gfield--type-name field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label gfield_label_before_complex' >Submitter Name<\/label><div class='ginput_complex ginput_container ginput_container--name no_prefix has_first_name no_middle_name has_last_name no_suffix gf_name_has_2 ginput_container_name gform-grid-row' id='input_24_8'>\n                            \n                            <span id='input_24_8_3_container' class='name_first gform-grid-col gform-grid-col--size-auto' >\n                                                    <input type='text' name='input_8.3' id='input_24_8_3' value=''   aria-required='false'     \/>\n                                                    <label for='input_24_8_3' class='gform-field-label gform-field-label--type-sub '>First<\/label>\n                                                <\/span>\n                            \n                            <span id='input_24_8_6_container' class='name_last gform-grid-col gform-grid-col--size-auto' >\n                                                    <input type='text' name='input_8.6' id='input_24_8_6' value=''   aria-required='false'     \/>\n                                                    <label for='input_24_8_6' class='gform-field-label gform-field-label--type-sub '>Last<\/label>\n                                                <\/span>\n                            \n                        <\/div><\/fieldset><\/li><li id=\"field_24_9\" class=\"gfield gfield--type-email field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_24_9'>Submitter Email<\/label><div class='ginput_container ginput_container_email'>\n                            <input name='input_9' id='input_24_9' type='email' value='' class='medium'     aria-invalid=\"false\"  \/>\n                        <\/div><\/li><li id=\"field_24_2\" class=\"gfield gfield--type-select field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_24_2'>Please select your institution<\/label><div class='ginput_container ginput_container_select'><select name='input_2' id='input_24_2' class='medium gfield_select'     aria-invalid=\"false\" ><option value='UW Colleges or Extension' >UW Colleges or Extension<\/option><option value='UW-Eau Claire' >UW-Eau Claire<\/option><option value='UW-Green Bay' >UW-Green Bay<\/option><option value='UW-La Crosse' >UW-La Crosse<\/option><option value='UW-Madison' >UW-Madison<\/option><option value='UW-Milwaukee' >UW-Milwaukee<\/option><option value='UW-Oshkosh' >UW-Oshkosh<\/option><option value='UW-Parkside' >UW-Parkside<\/option><option value='UW-Platteville' >UW-Platteville<\/option><option value='UW-River Falls' >UW-River Falls<\/option><option value='UW-Stevens Point' >UW-Stevens Point<\/option><option value='UW-Stout' >UW-Stout<\/option><option value='UW-Superior' >UW-Superior<\/option><option value='UW-Whitewater' >UW-Whitewater<\/option><option value='UW System Administration' >UW System Administration<\/option><option value='' ><\/option><\/select><\/div><\/li><li id=\"field_24_4\" class=\"gfield gfield--type-radio gfield--type-choice field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' >To which of the following procedures does your requested compensating control apply?<\/label><div class='ginput_container ginput_container_radio'><ul class='gfield_radio' id='input_24_4'>\n\t\t\t<li class='gchoice gchoice_24_4_0'>\n\t\t\t\t<input name='input_4' type='radio' value='1030.A Information Security: Authentication'  id='choice_24_4_0'    \/>\n\t\t\t\t<label for='choice_24_4_0' id='label_24_4_0' class='gform-field-label gform-field-label--type-inline'>1030.A Information Security: Authentication<\/label>\n\t\t\t<\/li>\n\t\t\t<li class='gchoice gchoice_24_4_1'>\n\t\t\t\t<input name='input_4' type='radio' value='1031.A Information Security: Data Classification'  id='choice_24_4_1'    \/>\n\t\t\t\t<label for='choice_24_4_1' id='label_24_4_1' class='gform-field-label gform-field-label--type-inline'>1031.A Information Security: Data Classification<\/label>\n\t\t\t<\/li>\n\t\t\t<li class='gchoice gchoice_24_4_2'>\n\t\t\t\t<input name='input_4' type='radio' value='1031.B Information Security: Data Protection'  id='choice_24_4_2'    \/>\n\t\t\t\t<label for='choice_24_4_2' id='label_24_4_2' class='gform-field-label gform-field-label--type-inline'>1031.B Information Security: Data Protection<\/label>\n\t\t\t<\/li>\n\t\t\t<li class='gchoice gchoice_24_4_3'>\n\t\t\t\t<input name='input_4' type='radio' value='gf_other_choice'  id='choice_24_4_3'   onfocus=\"jQuery(this).next('input').focus();\" \/>\n\t\t\t\t<input class='small' id='input_24_4_other' name='input_4_other' type='text' value='Other' aria-label='Other' onfocus='jQuery(this).prev(\"input\")[0].click(); if(jQuery(this).val() == \"Other\") { jQuery(this).val(\"\"); }' onblur='if(jQuery(this).val().replace(\" \", \"\") == \"\") { jQuery(this).val(\"Other\"); }'   \/>\n\t\t\t<\/li><\/ul><\/div><\/fieldset><\/li><li id=\"field_24_6\" class=\"gfield gfield--type-textarea field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_24_6'>To which provision of the procedure does your requested compensating control apply?<\/label><div class='ginput_container ginput_container_textarea'><textarea name='input_6' id='input_24_6' class='textarea medium'      aria-invalid=\"false\"   rows='10' cols='50'><\/textarea><\/div><\/li><li id=\"field_24_5\" class=\"gfield gfield--type-textarea field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_24_5'>Please describe your requested compensating control.<\/label><div class='ginput_container ginput_container_textarea'><textarea name='input_5' id='input_24_5' class='textarea medium'      aria-invalid=\"false\"   rows='10' cols='50'><\/textarea><\/div><\/li><li id=\"field_24_10\" class=\"gfield gfield--type-textarea field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_24_10'>Technical reason the stated control cannot be implemented or business case with cost\/benefit analysis<\/label><div class='ginput_container ginput_container_textarea'><textarea name='input_10' id='input_24_10' class='textarea medium'      aria-invalid=\"false\"   rows='10' cols='50'><\/textarea><\/div><\/li><li id=\"field_24_7\" class=\"gfield gfield--type-textarea field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_24_7'>Is there another person at your institution who can provide additional information about the compensating control? If so, please give their name and contact information.<\/label><div class='ginput_container ginput_container_textarea'><textarea name='input_7' id='input_24_7' class='textarea medium'      aria-invalid=\"false\"   rows='10' cols='50'><\/textarea><\/div><\/li><\/ul><\/div>\n        <div class='gform-footer gform_footer top_label'> <input type='submit' id='gform_submit_button_24' class='gform_button button' onclick='gform.submission.handleButtonClick(this);' data-submission-type='submit' value='Submit'  \/> \n            <input type='hidden' class='gform_hidden' name='gform_submission_method' data-js='gform_submission_method_24' value='postback' \/>\n            <input type='hidden' class='gform_hidden' name='gform_theme' data-js='gform_theme_24' id='gform_theme_24' value='legacy' \/>\n            <input type='hidden' class='gform_hidden' name='gform_style_settings' data-js='gform_style_settings_24' id='gform_style_settings_24' value='[]' \/>\n            <input type='hidden' class='gform_hidden' name='is_submit_24' value='1' \/>\n            <input type='hidden' class='gform_hidden' name='gform_submit' value='24' \/>\n            \n            <input type='hidden' class='gform_hidden' name='gform_currency' data-currency='USD' value='8i78G1Di12mT9rKQ\/h3qg23eoU8PX6kpUFFvnfUQZK2eYO65xkMzX8TPJZNEaLoBh1nG93zyQ0WlyCyhizHVkY0ZXzqL75AQ7poxxk8gh2j43V0=' \/>\n            <input type='hidden' class='gform_hidden' name='gform_unique_id' value='' \/>\n            <input type='hidden' class='gform_hidden' name='state_24' value='WyJbXSIsImNmNzI3MmZhM2U4YjE1NDlhNWY3MmQzY2IzMzkxZGI5Il0=' \/>\n            <input type='hidden' autocomplete='off' class='gform_hidden' name='gform_target_page_number_24' id='gform_target_page_number_24' value='0' \/>\n            <input type='hidden' autocomplete='off' class='gform_hidden' name='gform_source_page_number_24' id='gform_source_page_number_24' value='1' \/>\n            <input type='hidden' name='gform_field_values' value='' \/>\n            \n        <\/div>\n                        <\/form>\n                        <\/div><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n gform.initializeOnLoaded( function() {gformInitSpinner( 24, 'https:\/\/www.wisconsin.edu\/uw-policies\/wp-content\/plugins\/gravityforms\/images\/spinner.svg', true );jQuery('#gform_ajax_frame_24').on('load',function(){var contents = jQuery(this).contents().find('*').html();var is_postback = contents.indexOf('GF_AJAX_POSTBACK') >= 0;if(!is_postback){return;}var form_content = jQuery(this).contents().find('#gform_wrapper_24');var is_confirmation = jQuery(this).contents().find('#gform_confirmation_wrapper_24').length > 0;var is_redirect = contents.indexOf('gformRedirect(){') >= 0;var is_form = form_content.length > 0 && ! is_redirect && ! is_confirmation;var mt = parseInt(jQuery('html').css('margin-top'), 10) + parseInt(jQuery('body').css('margin-top'), 10) + 100;if(is_form){jQuery('#gform_wrapper_24').html(form_content.html());if(form_content.hasClass('gform_validation_error')){jQuery('#gform_wrapper_24').addClass('gform_validation_error');} else {jQuery('#gform_wrapper_24').removeClass('gform_validation_error');}setTimeout( function() { \/* delay the scroll by 50 milliseconds to fix a bug in chrome *\/  }, 50 );if(window['gformInitDatepicker']) {gformInitDatepicker();}if(window['gformInitPriceFields']) {gformInitPriceFields();}var current_page = jQuery('#gform_source_page_number_24').val();gformInitSpinner( 24, 'https:\/\/www.wisconsin.edu\/uw-policies\/wp-content\/plugins\/gravityforms\/images\/spinner.svg', true );jQuery(document).trigger('gform_page_loaded', [24, current_page]);window['gf_submitting_24'] = false;}else if(!is_redirect){var confirmation_content = jQuery(this).contents().find('.GF_AJAX_POSTBACK').html();if(!confirmation_content){confirmation_content = contents;}jQuery('#gform_wrapper_24').replaceWith(confirmation_content);jQuery(document).trigger('gform_confirmation_loaded', [24]);window['gf_submitting_24'] = false;wp.a11y.speak(jQuery('#gform_confirmation_message_24').text());}else{jQuery('#gform_24').append(contents);if(window['gformRedirect']) {gformRedirect();}}jQuery(document).trigger(\"gform_pre_post_render\", [{ formId: \"24\", currentPage: \"current_page\", abort: function() { this.preventDefault(); } }]);        if (event && event.defaultPrevented) {                return;        }        const gformWrapperDiv = document.getElementById( \"gform_wrapper_24\" );        if ( gformWrapperDiv ) {            const visibilitySpan = document.createElement( \"span\" );            visibilitySpan.id = \"gform_visibility_test_24\";            gformWrapperDiv.insertAdjacentElement( \"afterend\", visibilitySpan );        }        const visibilityTestDiv = document.getElementById( \"gform_visibility_test_24\" );        let postRenderFired = false;        function triggerPostRender() {            if ( postRenderFired ) {                return;            }            postRenderFired = true;            gform.core.triggerPostRenderEvents( 24, current_page );            if ( visibilityTestDiv ) {                visibilityTestDiv.parentNode.removeChild( visibilityTestDiv );            }        }        function debounce( func, wait, immediate ) {            var timeout;            return function() {                var context = this, args = arguments;                var later = function() {                    timeout = null;                    if ( !immediate ) func.apply( context, args );                };                var callNow = immediate && !timeout;                clearTimeout( timeout );                timeout = setTimeout( later, wait );                if ( callNow ) func.apply( context, args );            };        }        const debouncedTriggerPostRender = debounce( function() {            triggerPostRender();        }, 200 );        if ( visibilityTestDiv && visibilityTestDiv.offsetParent === null ) {            const observer = new MutationObserver( ( mutations ) => {                mutations.forEach( ( mutation ) => {                    if ( mutation.type === 'attributes' && visibilityTestDiv.offsetParent !== null ) {                        debouncedTriggerPostRender();                        observer.disconnect();                    }                });            });            observer.observe( document.body, {                attributes: true,                childList: false,                subtree: true,                attributeFilter: [ 'style', 'class' ],            });        } else {            triggerPostRender();        }    } );} ); \n\/* ]]> *\/\n<\/script>\n\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":105,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-2008","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.wisconsin.edu\/uw-policies\/wp-json\/wp\/v2\/pages\/2008","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wisconsin.edu\/uw-policies\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.wisconsin.edu\/uw-policies\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.wisconsin.edu\/uw-policies\/wp-json\/wp\/v2\/users\/105"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wisconsin.edu\/uw-policies\/wp-json\/wp\/v2\/comments?post=2008"}],"version-history":[{"count":2,"href":"https:\/\/www.wisconsin.edu\/uw-policies\/wp-json\/wp\/v2\/pages\/2008\/revisions"}],"predecessor-version":[{"id":2010,"href":"https:\/\/www.wisconsin.edu\/uw-policies\/wp-json\/wp\/v2\/pages\/2008\/revisions\/2010"}],"wp:attachment":[{"href":"https:\/\/www.wisconsin.edu\/uw-policies\/wp-json\/wp\/v2\/media?parent=2008"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}