To accommodate circumstances where a user, computer system, or other IT resource cannot conform to a University policy, procedure, standard, or guideline, OIT offers two types of exemptions from IT Security standards: Risk Acceptance (as defined by the CU System Risk Acceptance Process) and Temporary Security Exceptions.
Exemption request forms have been published for the following IT Standards:
- The Secure Computing Standard for Computers
- The Secure Computing Standard for Servers
- The Vulnerability Management Standard
If you need more information or would like to submit a request form for one of the above standard, see the Request an Exemption page (accessing this page requires an Identikey login).
For exceptions to other CU Boulder IT Security policies or standards, please send an email to Security@Colorado.EDU.
