Skip to main content
University of Nebraska Logo

Low Risk Data

Data or Information Systems are classified as Low Risk if:

  • They are not considered to be Medium or High Risk;
  • The data can generally be made available to the public without harm to the University, entities with an affiliation to the University, or to individuals; and
  • The loss of confidentiality, integrity, or availability would have a limited adverse effect on organizational mission, operations, assets, regulation, or on individuals.

Information Systems that access, process, transmit, or store Low Risk data are required to implement appropriate Minimum Security Standards for Low Risk Data.

Low Risk DR/BC Objective

  • Data or Information System can be unavailable for 24+ business hours.
  • Data or Information System can be regenerated with limited effort.
  • University business can continue with a limited impact.

IT Risk Classification

Contact NU ITS Security

Need assistance or have questions related to IT Security? Email the NU ITS Security team at security@nebraska.edu for support.

 

IT Policy Exception Request
IT Policies & Standards

Not sure how to classify your data?

Take the Risk Classification Self-Assessment

Examples of Low Risk Data

  • Surveys of personal opinions
  • Export Administration Regulation 99 (EAR 99)
  • Publicly available manuscripts and associated data
  • Public directory information
  • Personal data - Non University data
  • University job postings
  • Publicly available campus maps
  • University of Nebraska Human Resources Handbook for Policies
  • Publicly available University Policies
  • Other information not listed
  • Personal, Non-University Data (Only your own data, not others)