Regular review and revision of policies is part of evolving a mature information security program that protects systems and data for both our community and the institution. This past year, we revised nine, added three, and deprecated 17. Some of these policies have changed substantially to better align with evolving best practices and simplify language. IT professionals should consult the “Data Roles and Responsibilities” and “System and Application Security” policies, which clarify the expectations and responsibilities for individuals who operate and maintain IT resources (e.g., systems, servers, applications, and data). As we are asking everyone to assess and adjust their approaches as part of Cybersecurity Awareness Month, you are encouraged to share information that impacts your constituents, especially the material included in the “Acceptable Use,” “Mobile and Remote Device Security,” and “Data Classification” policies. You can view all IT security policies by going to security.uconn.edu and clicking “Policies, Standards & Guidelines.”