Information Security Compensating Control Request Requesting a Compensating Control for an Information Security Procedure The UW System information security procedures contain provisions that allow for the UW System CIOs to propose compensating controls for mandatory information security measures that they deem are too difficult or impractical to implement. A compensating control is an alternative data security measure that is designed to satisfy the intent and rigor of the original control. To propose a compensating control, the institution CIO should answer the following questions.Submitter Name First Last Submitter Email Please select your institutionUW Colleges or ExtensionUW-Eau ClaireUW-Green BayUW-La CrosseUW-MadisonUW-MilwaukeeUW-OshkoshUW-ParksideUW-PlattevilleUW-River FallsUW-Stevens PointUW-StoutUW-SuperiorUW-WhitewaterUW System AdministrationTo which of the following procedures does your requested compensating control apply? 1030.A Information Security: Authentication 1031.A Information Security: Data Classification 1031.B Information Security: Data Protection To which provision of the procedure does your requested compensating control apply?Please describe your requested compensating control.Technical reason the stated control cannot be implemented or business case with cost/benefit analysisIs there another person at your institution who can provide additional information about the compensating control? If so, please give their name and contact information.
