Submit a Policy Exception Request

What is a Policy Exception Request?

Information Security Policies are central to Yale’s ability to maintain reliable IT services for the Yale community. These policies also ensure Yale and its employees conduct themselves in compliance with laws, contracts, and other University policies. 

The size of Yale University prevents its leadership from crafting policies that address every possible scenario that we may encounter at Yale. Some Yale policies allow for policy exceptions for this reason. Exceptions may be possible under certain compelling circumstances and such determination should be made by Information Security, Policy and Compliance (ISPC). When ISPC receives such a request, it will evaluate the merit of each request. An exception may be granted should ISPC determine such an exceptoin will not create any undue risk at the university. The Information Security Policy, and Compliance team is commited to protect Yale data, maintain compliance and support the university’s mission. 

The process outlined below was created to provide a transparent way for you to request a policy exception. 

Exception Process

ISPC Policy Exception Process

When an Exception Will be Granted

Every effort will be made to not impact the individual’s mission-oriented work. The faculty mission will not be impeded. Academic and research needs will be accommodated. However, policy exceptions will not be granted for convenience, nor if no appropriate alternate security controls can be found to address any risk posed by the exception. The risk and compliance team will evaluate the risk associated with the exception. This risk will be shared with the requestor’s department leadership for the necessary level of approval. 

Who can use it? 

Faculty and staff in the Yale community with an active and valid NetID. 

How much does it cost? 

This service is available at no charge to the Yale community. 

How do I get it? 

Follow these steps to submit a policy exception request: 

  1. Visit the Policy Exception Center website to submit a policy exception request. 
  2. Log in with your Net ID and password. 
  3. Click on the Policy Exception Center menu option in the top left corner of the screen. A drop-down menu will appear.
  4. Select the “I need to request an exception” option. This will bring you to the policy exception request form. 
  5. Fill out the required fields and hit “Save” to submit the request. 

Where can I get help? 

Email the Information Security Risk and Compliance team at it.compliance@yale.edu

Related Links