...
A security exception is an exception to current cybersecurity policies and standards in cases where the benefits to Seattle University outweigh security risks/non-compliance.
Why only 6-months?
The owner of the exception should be actively looking for ways to mitigate the exception so that it falls in line with our policies. A security exception is a temporary exception allowing the progression of work while a permanent, policy-compliant solution is researched or being tested.
When to apply for a Security Exception
...
All Security Exceptions — if approved — are only valid for up to 6 months.
Once the specified expiration date has passed, you are required to immediately cease implementation of the process, procedure, or solution referenced in your request.
If approved, you must abide by any additional conditions imposed by Information Security that were communicated to you in order to retain the active status for an approved exception.
ITS or Information Security may revoke the active status for an approved Security Exception at any time.
After the expiration date, a Security Exception request cannot be reinstated. A new Security Exception Request form must be submitted again.
Why only 6-months?
The owner of the exception should be actively looking for ways to mitigate the exception so that it falls in line with our policies. A security exception is a temporary exception allowing the progression of work while a permanent, policy-compliant solution is researched or being tested.
Security Exception approval process
...