Electronic Information Resource Inventory
What is an EIR?
What is the EIRIS Application?
The Electronic Information Resource Information System (EIRIS) is an application that houses the campus’s EIR inventory. EIRIS helps the campus understand how much protected data exist and where it is located. Knowing the data we have is a vital information security practice. If we don’t know it exists, we cannot protect it.
EIR Security Requirements
UCI’s Information Security Standards require all electronic EIRs to have a risk assessment conducted. The Security Risk Assessment Questionnaire (SRAQ) is the campus’s solution to meeting this requirement.
Annual EIR Inventory Project
Every year a campus-wide project is conducted to identify where all of our protected data is located. Each of us has a critical role in protecting the security and privacy of information. As a general rule, unless law, policy, business or research needs require storage of protected data, it should be eliminated. If P4 or P3 data must be stored, we must ensure it is properly secured.
Know What You Have
The first step in safeguarding data is to know what you have. Use the available resources on the OIT Security website to identify what classification of data is under your control.
We ask that you review electronic devices under your control (including tablets, phones, and removable media) and remove or secure any files or records that contain protected data.
Inform Your Unit Information Security Lead
If you need to collect, use, and store P4 or P3 data, electronically or on paper, please inform your Unit Information Security Lead (UISL). Your UISL maintains an inventory of data resources to facilitate risk assessment and compliance with law and policy. With assistance from the OIT Security team, your UISL can help you determine the best way to protect your data.
Please reach out to firstname.lastname@example.org if you have any questions.