| id,question,answer,category,urgency | |
| NET021,How to set up a secure wireless access point for a department event?,"Submit temporary wireless network request at least 5 business days in advance. Provide event details, expected attendees, duration, and security requirements. Guest network will be provisioned with unique SSID and password. Bandwidth limits apply. Network automatically disabled after event. Technical support available during event.",Network & Connectivity,medium | |
| NET022,Cannot access network resources after changing office location.,New network port may need activation. Submit port activation request with building and room number. VLAN configuration may differ between locations. Update static IP if assigned. Network profile may need refreshing. Allow 2 business days for port activation.,Network & Connectivity,medium | |
| NET023,Internet connectivity lost after power outage.,Check if network equipment has power. Wait 10 minutes for automatic recovery. Reboot network switch if accessible. Report building-wide outages to facilities. Critical network equipment has UPS backup. Contact IT if not restored within 30 minutes.,Network & Connectivity,high | |
| NET024,How to configure QoS for video conferencing traffic?,"QoS automatically applied for recognized video conferencing services (Zoom, Teams). Ensure using institution-approved services. Wired connection recommended for critical meetings. Home network QoS not managed by institution. For special events, request priority bandwidth allocation.",Network & Connectivity,low | |
| NET025,Network latency issues affecting real-time applications.,Run traceroute to identify bottleneck. Check if using WiFi vs wired connection. Background updates may be consuming bandwidth. Test during different times of day. Some applications have specific port requirements. Contact IT with traceroute results for investigation.,Network & Connectivity,medium | |
| SEC021,How to conduct a security risk assessment for a new project?,"Submit project security assessment request early in planning. Include system architecture, data types, users, and integrations. Security team provides threat modeling and controls recommendations. Follow secure development lifecycle. Regular security reviews throughout project. Final security sign-off required before launch.",Security & Compliance,medium | |
| SEC022,Need to comply with GDPR for international research data.,Data protection impact assessment required. Implement data minimization and pseudonymization. Data processing agreements needed for international transfers. Designate data protection officer contact. Right to erasure procedures. Regular compliance audits.,Security & Compliance,high | |
| SEC023,Social engineering attempt detected - caller asking for credentials.,Do NOT provide any information. Note caller details and report immediately to IT Security. Alert department colleagues. Review security awareness training. These attempts often increase during semester starts. IT may send campus-wide alert if pattern detected.,Security & Compliance,critical | |
| SEC024,Unauthorized software installation detected on network.,Software will be automatically removed if violates policy. User notified with instructions. Repeated violations may result in network access suspension. Approved software available through software center. Development software requires separate approval process.,Security & Compliance,medium | |
| SEC025,Need to implement least privilege access for administrative accounts.,Review current permissions and reduce to minimum necessary. Separate user and admin accounts. Use Just-In-Time elevation where possible. Regular review of privileged access. Monitor admin account usage. Implement approval workflow for privilege use.,Security & Compliance,high | |
| ACC021,Account synchronization delay between systems.,"Normal sync cycle is 15 minutes. Major syncs occur hourly. Emergency sync available for critical needs. Check source system (HR for employees, registrar for students). Manual override possible with approval. Report sync failures exceeding 2 hours.",Account & Access,medium | |
| ACC022,Need to access system as another user for troubleshooting.,Submit impersonation request with justification and duration. Requires manager approval. Logging of all actions performed. Limited to 4 hours maximum. Emergency impersonation available for critical systems. Regular audit of impersonation logs.,Account & Access,high | |
| ACC023,Digital certificate expiration causing access issues.,Renew certificate before expiration date. Self-service portal for certificate renewal. Test new certificate in staging environment. Update all applications using certificate. Monitor for expiration warnings 30 days in advance. Emergency certificate issuance available.,Account & Access,high | |
| ACC024,Biometric authentication not working consistently.,"Clean sensor and retry enrollment. Update biometric drivers. Some changes (weight, injury) may require re-enrollment. Alternative authentication methods available. Biometric data stored locally only. Technical support for hardware issues.",Account & Access,medium | |
| ACC025,Access request workflow automation needed.,Use identity management system for automated provisioning. Define roles and approval workflows. Integration with HR system for joiner/mover/leaver processes. Self-service access requests with manager approval. Regular access certifications. Audit trail for compliance.,Account & Access,low | |
| SOF021,Software compatibility issues after OS upgrade.,Check software vendor for compatibility statement. Some software requires specific OS versions. Virtualization or compatibility mode may help. Contact software vendor for patches. Legacy software may need replacement. Test in isolated environment before deployment.,Software & Applications,high | |
| SOF022,Need to automate software deployment across department.,"Use software distribution system (SCCM, Jamf). Package software with silent install options. Test deployment on pilot group first. Schedule deployments during maintenance windows. Provide user notifications. Rollback plan essential.",Software & Applications,medium | |
| SOF023,Software license server not responding.,Check license server status page. Restart license manager service. Verify network connectivity to server. Check license file expiration. Failover to backup server if configured. Contact vendor for license server issues.,Software & Applications,high | |
| SOF024,Custom software development for department needs.,Submit project request with requirements. Development team assesses feasibility and timeline. Agile development methodology used. User acceptance testing required. Maintenance and support agreement needed. Consider commercial off-the-shelf alternatives first.,Software & Applications,low | |
| SOF025,Software training materials and documentation.,Knowledge base articles available. Video tutorials for common tasks. In-person workshops scheduled monthly. Quick reference guides for department software. Training environment for practice. Custom training for department-specific workflows.,Software & Applications,low | |
| HRD021,Computer fan running loudly constantly.,Clean dust from vents and fans. Check for processes using high CPU. May indicate failing fan or thermal paste. Use compressed air for cleaning. Hardware diagnostics available. Replace fan if bearings failing.,Hardware & Equipment,medium | |
| HRD022,Need ergonomic assessment and equipment.,"Submit ergonomic assessment request. Specialist will evaluate workstation setup. Recommendations for chairs, desks, monitors, etc. Approved equipment available through procurement. Follow-up assessment after adjustments. Priority for medical accommodations.",Hardware & Equipment,low | |
| HRD023,Tablet device not syncing with institutional systems.,Install mobile device management profile. Ensure using institution-approved apps. Check sync settings in each app. Some systems require VPN for off-campus sync. Clear app cache and retry. Factory reset as last resort.,Hardware & Equipment,medium | |
| HRD024,Digital signage hardware not updating content.,Check network connectivity of signage player. Restart signage software. Verify content schedule is active. Update signage player software. Test with simple content first. Contact digital signage team for support.,Hardware & Equipment,medium | |
| HRD025,Conference room AV system integration issues.,Check control system programming. Update firmware on all components. Test each component individually. Cabling may need verification. Room may need re-calibration. Contact AV integration specialist.,Hardware & Equipment,medium | |
| EML021,Email search returning too many results.,"Use advanced search operators (from:, subject:, has:attachment). Specify date ranges. Search within specific folders. Use Boolean operators (AND, OR, NOT). Index may need rebuilding for precise results. Consider using desktop search tools.",Email & Communication,low | |
| EML022,Need to archive departmental email for record keeping.,Use mailbox archive feature. Set retention policies for different folders. Export to PST for long-term storage. Consider using SharePoint for collaborative records. Legal hold may be required for certain communications. Consult records management for requirements.,Email & Communication,low | |
| EML023,Email client rules not executing properly.,Check rule order - rules execute in order listed. Some rules only work when client is running. Server-side vs client-side rules distinction. Test with simple rule first. Too many rules may cause conflicts. Consider using inbox rules instead of client rules.,Email & Communication,low | |
| EML024,Unsubscribe not working from mailing lists.,Use institutional mailing list management portal. Some lists require owner approval to unsubscribe. Global unsubscribe available for all institutional lists. Report spam if unsubscribe fails. Marketing emails have unsubscribe requirements by law.,Email & Communication,low | |
| EML025,Email encryption for sensitive communications.,Use 'Encrypt' option in Outlook for internal emails. External recipients receive portal link for secure viewing. Encrypted email subject line indicates secure message. Training available on proper use. Some data types require mandatory encryption. Audit logging of encrypted messages.,Email & Communication,medium | |
| DAT021,Data deduplication to save storage space.,Enabled on primary storage arrays. Deduplication ratios typically 2:1 to 10:1. Backup storage has additional deduplication. Not suitable for already compressed data. Performance impact minimal. Reporting available on space savings.,Data Management,low | |
| DAT022,Need to implement data loss prevention for department.,"Define sensitive data patterns for your department. Create DLP policies with appropriate actions (block, encrypt, notify). Test policies in audit mode first. Train users on data handling. Regular review of DLP incidents. Adjust policies based on false positives.",Data Management,medium | |
| DAT023,Database replication for high availability.,Transactional replication for reporting databases. Merge replication for distributed updates. Snapshot replication for reference data. Log shipping for disaster recovery. Monitor replication latency. Failover testing required quarterly.,Data Management,high | |
| DAT024,Data quality monitoring and cleansing.,"Implement data validation rules at entry points. Regular data quality audits. Automated cleansing routines for known issues. Data steward responsible for quality. Metrics for data completeness, accuracy, timeliness. Continuous improvement process.",Data Management,medium | |
| DAT025,File share permissions too complex to manage.,Simplify using group-based permissions. Regular permission reviews and cleanup. Implement inheritance where possible. Document permission structure. Consider migrating to SharePoint for better management. Automated permission reporting.,Data Management,medium | |
| SYS021,System imaging not working for new computer models.,Update driver repository for new hardware. Modify task sequences for different models. Test imaging on pilot devices first. Some hardware requires specific driver injection. BIOS settings may need standardization. Contact imaging team for new model support.,System Administration,high | |
| SYS022,Need to automate server patching process.,Use patch management system for scheduling. Create maintenance windows for different server groups. Pre-production testing before production deployment. Backout plans for failed patches. Compliance reporting. Emergency patching process for critical vulnerabilities.,System Administration,medium | |
| SYS023,System performance baseline deviation detected.,Compare current metrics to established baseline. Check for recent changes or updates. Monitor for trending degradation. Performance tuning may be required. Consider capacity increase if growth-related. Root cause analysis for sudden changes.,System Administration,medium | |
| SYS024,Virtual machine resource contention issues.,Check host resource utilization. Right-size VMs based on actual usage. Implement resource pools and limits. Consider vMotion to less loaded host. Monitor for noisy neighbor VMs. Regular capacity planning for virtualization cluster.,System Administration,medium | |
| SYS025,Need to implement configuration management database.,Define CI (Configuration Item) types and relationships. Automate discovery where possible. Establish change management integration. Use for impact analysis and incident management. Regular CMDB audits for accuracy. Training for CMDB users.,System Administration,low | |
| CLS021,Student response data not saving from classroom system.,"Check internet connectivity during session. Ensure software is logged in with correct account. Data may be stored locally until synced. Export data immediately after session. Use backup collection method (paper, alternative tool). Test data saving before important session.",Classroom/Lab Support,high | |
| CLS022,Need to schedule recurring classroom technology training.,Book through faculty development center. Monthly workshops on different topics. Department-specific sessions available. Just-in-time training before semester starts. Online resources for self-paced learning. Feedback used to improve training.,Classroom/Lab Support,low | |
| CLS023,Classroom recording quality issues (audio/video).,Check microphone placement and levels. Lighting adjustments for video quality. Camera positioning and focus. Test recording before important session. Use lapel mic for better audio. Post-production editing available for important recordings.,Classroom/Lab Support,medium | |
| CLS024,Lab software license insufficient for class size.,Submit license increase request with course details. Explore concurrent licensing options. Consider virtual lab for overflow. Schedule lab sessions in shifts. Some software has student home-use options. Budget planning for future license needs.,Classroom/Lab Support,high | |
| CLS025,Classroom technology not accessible for student with disability.,Contact disability services for accommodations. Adjustable furniture available. Assistive technology installed on request. Training for faculty on inclusive technology use. Pre-class testing with student if possible. Alternative formats for materials.,Classroom/Lab Support,high | |
| GEN021,IT service catalog not up to date.,Service owners responsible for catalog updates. Quarterly review cycle for all services. Change management for service modifications. Customer feedback incorporated. Training for service owners on catalog management. Automated notifications for service changes.,General IT Support,low | |
| GEN022,Need to benchmark IT services against peer institutions.,"Participate in industry benchmarking surveys. Peer comparisons available through consortiums. Focus on service quality, cost, and innovation. Action plans for areas needing improvement. Regular benchmarking (annual or bi-annual). Share results with stakeholders.",General IT Support,low | |
| GEN023,IT communication strategy for major changes.,Multi-channel communication plan. Early notification for disruptive changes. Clear explanation of benefits and impacts. Feedback mechanism for concerns. Training and support resources. Post-implementation follow-up.,General IT Support,medium | |
| GEN024,Managing expectations for IT service delivery.,Clear service level agreements published. Realistic timelines communicated. Regular progress updates. Managing scope changes formally. Customer education on IT processes. Transparent reporting on performance.,General IT Support,low | |
| GEN025,IT innovation lab or sandbox environment.,Dedicated environment for testing new technologies. Available to faculty and students for innovation projects. Limited support for experimental setups. Regular showcases of innovative projects. Connection to academic programs. Resource allocation based on proposal.,General IT Support,low | |
| NET026,Network segmentation for research lab security.,Submit network segmentation request with security requirements. Isolated VLAN with controlled access points. Firewall rules between segments. Monitoring for unusual cross-segment traffic. Regular security reviews. Segmentation based on data sensitivity.,Network & Connectivity,high | |
| NET027,Load balancing configuration for high-traffic web service.,Global load balancer for geographic distribution. Health checks for backend servers. SSL termination at load balancer. Session persistence configuration. Auto-scaling integration. Performance monitoring and alerting.,Network & Connectivity,medium | |
| NET028,Multicast networking for video streaming applications.,Enable multicast routing on network devices. Configure IGMP snooping. Bandwidth allocation for multicast traffic. Source-specific multicast for security. Testing in isolated network first. Not all network segments support multicast.,Network & Connectivity,medium | |
| NET029,Network time protocol (NTP) synchronization issues.,"Use institutional NTP servers (ntp1.institution.edu, ntp2.institution.edu). Configure clients to sync regularly. Check firewall rules for port 123. Stratum 1 time sources available. Monitoring for time drift. Critical for authentication and logging.",Network & Connectivity,medium | |
| NET030,Wireless mesh network for outdoor areas.,Outdoor wireless access points with mesh capability. Weatherproof enclosures and lightning protection. Coverage maps for planning. Bandwidth planning for expected usage. Maintenance schedule for outdoor equipment. Emergency power backup.,Network & Connectivity,low | |
| SEC026,Third-party security assessment for vendor software.,Require vendor to provide recent security assessment. Independent penetration testing for critical systems. Review of security controls and practices. Contractual security requirements. Regular re-assessment for ongoing services. Risk acceptance for any deficiencies.,Security & Compliance,high | |
| SEC027,Security operations center (SOC) monitoring alerts.,24/7 monitoring of security events. Tiered response structure. Automated alert correlation. Threat intelligence integration. Regular threat hunting exercises. Metrics for detection and response times.,Security & Compliance,critical | |
| SEC028,Digital forensics investigation procedures.,Preserve chain of evidence. Imaging of affected systems. Timeline analysis of events. Correlation across multiple systems. Legal hold considerations. Expert testimony preparation if needed.,Security & Compliance,critical | |
| SEC029,Security architecture review for new application.,Threat modeling during design phase. Security requirements specification. Code review for security flaws. Penetration testing before production. Security training for development team. Ongoing security monitoring post-deployment.,Security & Compliance,high | |
| SEC030,Zero trust network access implementation.,Identity-based access control. Micro-segmentation of network. Continuous authentication. Device health checking. Least privilege access. Monitoring and analytics.,Security & Compliance,medium | |
| ACC026,Just-in-time access provisioning for temporary needs.,Time-bound access requests. Automated approval workflows. Self-service access requests. Automatic revocation after duration. Usage monitoring during access period. Integration with project management tools.,Account & Access,medium | |
| ACC027,Access certification campaign management.,Regular access reviews for all systems. Manager certification of employee access. Exception management process. Automated reminders and escalations. Compliance reporting. Continuous improvement based on findings.,Account & Access,medium | |
| ACC028,Privileged access management (PAM) solution.,Vault for privileged credentials. Session recording and monitoring. Just-in-time elevation. Approval workflow for privileged access. Integration with ticketing system. Regular audit of privileged access.,Account & Access,high | |
| ACC029,Multi-factor authentication fatigue attacks.,Implement number matching in MFA prompts. Limit MFA attempts. User education on MFA attacks. Context-aware authentication. Monitoring for unusual MFA patterns. Alternative authentication methods available.,Account & Access,high | |
| ACC030,Identity governance for compliance requirements.,Define identity lifecycle processes. Role-based access control. Segregation of duties controls. Access certification automation. Audit trail for compliance reporting. Regular policy reviews.,Account & Access,medium | |
| SOF026,Software bill of materials (SBOM) requirements.,Generate SBOM for all developed software. Include open source and third-party components. Vulnerability assessment based on SBOM. Supply chain security tracking. Required for certain compliance standards. Integration with security tools.,Software & Applications,medium | |
| SOF027,Container security scanning and management.,Scan container images for vulnerabilities. Use trusted base images. Regular updates of container images. Runtime security monitoring. Registry scanning for compliance. Integration with CI/CD pipeline.,Software & Applications,high | |
| SOF028,Software vulnerability management process.,Regular vulnerability scanning. Risk-based prioritization of fixes. Patching timelines based on severity. Testing patches before deployment. Emergency patching process. Reporting on vulnerability status.,Software & Applications,high | |
| SOF029,API security testing and protection.,Authentication and authorization for all APIs. Rate limiting and throttling. Input validation and sanitization. Regular security testing of APIs. API gateway for centralized security. Monitoring for abnormal API usage.,Software & Applications,high | |
| SOF030,Software supply chain security measures.,Verify integrity of downloaded software. Use signed packages from trusted sources. Dependency checking for vulnerabilities. Build process security. Delivery integrity verification. Incident response for supply chain attacks.,Software & Applications,critical | |
| HRD026,Hardware security module (HSM) for cryptographic operations.,Dedicated HSM for key management. FIPS 140-2 validated devices. Integration with applications requiring crypto. Regular firmware updates. Physical security requirements. Backup and recovery procedures.,Hardware & Equipment,high | |
| HRD027,Industrial control system (ICS) security for labs.,Network segmentation from general campus network. Specialized security controls for ICS. Regular vulnerability assessments. Physical access controls. Incident response plan for ICS. Training for lab personnel.,Hardware & Equipment,high | |
| HRD028,Hardware tamper detection and response.,Tamper-evident seals on critical equipment. Physical intrusion detection. Remote wipe capability for mobile devices. Hardware security features (TPM). Regular physical inspections. Incident response for suspected tampering.,Hardware & Equipment,critical | |
| HRD029,Supply chain security for hardware procurement.,Vendor security assessments. Hardware authenticity verification. Firmware integrity checking. Secure delivery and installation. Monitoring for counterfeit components. Lifecycle management including secure disposal.,Hardware & Equipment,medium | |
| HRD030,Hardware-based authentication tokens.,FIDO2 security keys for phishing-resistant authentication. Smart cards for physical access and login. Token management system. Loss/theft reporting procedures. Backup authentication methods. User training on token use.,Hardware & Equipment,medium | |
| EML026,Email authentication failures causing delivery issues.,"Check SPF, DKIM, DMARC configuration. Ensure sending infrastructure included in SPF. Monitor authentication reports. Warm-up new IP addresses for email sending. Test authentication before bulk sends. Contact email administrators for configuration help.",Email & Communication,high | |
| EML027,Email continuity during outage or maintenance.,Webmail access typically remains available during client outages. Mobile access may work when desktop client fails. Critical communications have alternative channels. Planned maintenance announced in advance. Emergency communications via text alert system. Business continuity planning for extended outages.,Email & Communication,critical | |
| EML028,Cross-tenant communication with external organizations.,Configure external federation if supported. Secure mail gateway for inter-organizational email. Consider encrypted email for sensitive communications. Testing with target organizations. Monitoring for delivery failures. Alternative communication methods for critical messages.,Email & Communication,medium | |
| EML029,Email data sovereignty and residency requirements.,Understand data residency requirements for your data. Institutional email typically resides in regionally located datacenters. Special arrangements possible for sensitive research data. Contractual terms with email provider. Regular compliance verification. User awareness of data location.,Email & Communication,medium | |
| EML030,Email security awareness training effectiveness.,Regular phishing simulation tests. Training completion tracking. Behavior monitoring for click rates. Continuous improvement of training content. Metrics for reduction in security incidents. Tailored training for high-risk groups.,Email & Communication,medium | |
| DAT026,Data catalog for institutional data assets.,Inventory of data assets across institution. Metadata management for discoverability. Data lineage tracking. Data quality indicators. Access request workflow. Integration with analytics tools.,Data Management,low | |
| DAT027,Data masking for non-production environments.,Automated data masking for sensitive fields. Referential integrity preservation. Format-preserving encryption options. Performance testing with masked data. Compliance with data protection regulations. Regular validation of masking effectiveness.,Data Management,medium | |
| DAT028,Blockchain for academic credential verification.,Pilot program for digital diplomas. Integration with student information system. Verification portal for employers. Standards compliance (W3C Verifiable Credentials). User control of credential sharing. Long-term preservation considerations.,Data Management,low | |
| DAT029,Data lake architecture for research analytics.,Centralized repository for structured and unstructured data. Schema-on-read flexibility. Integration with research data sources. Analytics tools and visualization. Data governance framework. Scalable storage and compute.,Data Management,medium | |
| DAT030,Data ethics framework for research projects.,Ethics review for data collection and use. Informed consent processes. Data minimization principles. Bias detection and mitigation. Transparency in data practices. Ongoing ethics oversight.,Data Management,high | |
| SYS026,Infrastructure as code for cloud provisioning.,Terraform or CloudFormation templates. Version control for infrastructure code. Automated testing of infrastructure changes. Consistent environments across stages. Cost optimization through code. Security scanning of infrastructure code.,System Administration,medium | |
| SYS027,Service mesh implementation for microservices.,Istio or Linkerd for service-to-service communication. Traffic management and load balancing. Security policies between services. Observability and monitoring. Canary deployments. Performance optimization.,System Administration,medium | |
| SYS028,GitOps for continuous deployment.,Git as single source of truth for infrastructure and apps. Automated synchronization to target environments. Pull request workflow for changes. Rollback through git revert. Compliance through git history. Integration with CI/CD pipeline.,System Administration,medium | |
| SYS029,Observability platform implementation.,"Metrics, logs, and traces in unified platform. Real-time monitoring and alerting. Historical analysis and trending. Correlation across telemetry sources. AIOps for anomaly detection. Cost optimization for observability data.",System Administration,medium | |
| SYS030,Chaos engineering for system resilience.,Controlled experiments to test system resilience. Failure injection in pre-production. Measurement of system behavior under stress. Learning and improvement from experiments. Gradual expansion to production. Integration with incident response.,System Administration,medium | |
| CLS026,Immersive technology (VR/AR) in classrooms.,Dedicated VR/AR lab available. Curriculum integration support. Equipment checkout for classes. Technical support for setup. Content development resources. Assessment of learning outcomes.,Classroom/Lab Support,low | |
| CLS027,Learning analytics integration with LMS.,Data extraction from learning management system. Analytics dashboard for instructors. Early alert system for at-risk students. Privacy-preserving analytics. Training on data interpretation. Continuous improvement based on insights.,Classroom/Lab Support,medium | |
| CLS028,Digital proctoring solution implementation.,Multiple proctoring options available. Faculty training on effective use. Student orientation on requirements. Accessibility accommodations. Privacy and data protection. Technical support during exams.,Classroom/Lab Support,high | |
| CLS029,Classroom response system integration with gradebook.,Automatic grade synchronization. Attendance tracking. Participation scoring. Data export for analysis. Privacy controls for student data. Training on effective use for assessment.,Classroom/Lab Support,medium | |
| CLS030,Accessible course material creation tools.,Templates for accessible documents. Automated accessibility checking. Alternative format creation. Captioning and transcription services. Training on accessible design. Regular audits of course materials.,Classroom/Lab Support,medium | |
| GEN026,IT sustainability and carbon footprint reduction.,Energy-efficient hardware procurement. Data center cooling optimization. Server virtualization for consolidation. Cloud migration for efficiency. Equipment lifecycle extension. Renewable energy sourcing.,General IT Support,low | |
| GEN027,Digital transformation strategy for administrative processes.,Process analysis and optimization. Technology selection for digitization. Change management for adoption. Metrics for transformation success. Continuous improvement cycle. Stakeholder engagement throughout.,General IT Support,low | |
| GEN028,IT talent development and retention strategies.,Career path development. Training and certification programs. Mentoring and coaching. Competitive compensation. Flexible work arrangements. Recognition and rewards.,General IT Support,low | |
| GEN029,IT risk management framework.,Risk identification and assessment. Risk treatment strategies. Risk monitoring and reporting. Integration with enterprise risk management. Regular risk reviews. Risk-aware decision making.,General IT Support,medium | |
| GEN030,Business continuity and disaster recovery testing.,Regular tabletop exercises. Full-scale disaster recovery tests. Lessons learned and improvement plans. Coordination with business units. Documentation updates based on tests. Compliance with regulatory requirements.,General IT Support,high | |
| NET031,Software-defined networking (SDN) implementation.,Centralized network management and automation. Dynamic traffic engineering. Network virtualization. Integration with cloud environments. Security policy automation. Skills development for network team.,Network & Connectivity,medium | |
| SEC031,Extended detection and response (XDR) platform.,Cross-domain threat detection. Automated investigation and response. Threat intelligence integration. Hunting capabilities. Compliance reporting. Integration with existing security tools.,Security & Compliance,high | |
| ACC031,Passwordless authentication implementation.,FIDO2 security keys. Windows Hello for Business. Mobile authenticator apps. Biometric authentication. Phishing resistance benefits. User education and rollout plan.,Account & Access,medium | |
| SOF031,Low-code/no-code platform governance.,Approved platforms list. Development standards and best practices. Security review process. Data governance integration. Training and support. Monitoring and audit of applications.,Software & Applications,medium | |
| HRD031,Internet of Things (IoT) device management.,IoT device registration and inventory. Network segmentation for IoT. Security baseline for IoT devices. Monitoring for anomalous behavior. Firmware update management. End-of-life planning.,Hardware & Equipment,high | |
| EML031,Email data classification and labeling.,Automatic classification based on content. Manual labeling options. Protection actions based on classification. User training on proper labeling. Compliance reporting. Integration with DLP.,Email & Communication,medium | |
| DAT031,Data fabric architecture implementation.,Unified data management across environments. Metadata-driven data integration. Self-service data access. Data quality and governance. AI/ML integration. Hybrid and multi-cloud support.,Data Management,medium | |
| SYS031,Edge computing infrastructure for research.,Low-latency processing near data sources. Integration with central cloud. Security for distributed edge nodes. Management and monitoring. Use cases identification. Cost-benefit analysis.,System Administration,medium | |
| CLS031,Adaptive learning platform integration.,Personalized learning paths. Integration with existing LMS. Content development support. Analytics on learning effectiveness. Faculty training. Student orientation.,Classroom/Lab Support,medium | |
| GEN031,IT service management (ITSM) maturity assessment.,Current state assessment against best practices. Gap analysis and improvement roadmap. Process optimization. Technology tool evaluation. Metrics for maturity progression. Regular reassessment.,General IT Support,low | |
| NET021,How to set up a secure wireless access point for a department event?,"Submit temporary wireless network request at least 5 business days in advance. Provide event details, expected attendees, duration, and security requirements. Guest network will be provisioned with unique SSID and password. Bandwidth limits apply. Network automatically disabled after event. Technical support available during event.",Network & Connectivity,medium | |
| NET022,Cannot access network resources after changing office location.,New network port may need activation. Submit port activation request with building and room number. VLAN configuration may differ between locations. Update static IP if assigned. Network profile may need refreshing. Allow 2 business days for port activation.,Network & Connectivity,medium | |
| NET023,Internet connectivity lost after power outage.,Check if network equipment has power. Wait 10 minutes for automatic recovery. Reboot network switch if accessible. Report building-wide outages to facilities. Critical network equipment has UPS backup. Contact IT if not restored within 30 minutes.,Network & Connectivity,high | |
| NET024,How to configure QoS for video conferencing traffic?,"QoS automatically applied for recognized video conferencing services (Zoom, Teams). Ensure using institution-approved services. Wired connection recommended for critical meetings. Home network QoS not managed by institution. For special events, request priority bandwidth allocation.",Network & Connectivity,low | |
| NET025,Network latency issues affecting real-time applications.,Run traceroute to identify bottleneck. Check if using WiFi vs wired connection. Background updates may be consuming bandwidth. Test during different times of day. Some applications have specific port requirements. Contact IT with traceroute results for investigation.,Network & Connectivity,medium | |
| SEC021,How to conduct a security risk assessment for a new project?,"Submit project security assessment request early in planning. Include system architecture, data types, users, and integrations. Security team provides threat modeling and controls recommendations. Follow secure development lifecycle. Regular security reviews throughout project. Final security sign-off required before launch.",Security & Compliance,medium | |
| SEC022,Need to comply with GDPR for international research data.,Data protection impact assessment required. Implement data minimization and pseudonymization. Data processing agreements needed for international transfers. Designate data protection officer contact. Right to erasure procedures. Regular compliance audits.,Security & Compliance,high | |
| SEC023,Social engineering attempt detected - caller asking for credentials.,Do NOT provide any information. Note caller details and report immediately to IT Security. Alert department colleagues. Review security awareness training. These attempts often increase during semester starts. IT may send campus-wide alert if pattern detected.,Security & Compliance,critical | |
| SEC024,Unauthorized software installation detected on network.,Software will be automatically removed if violates policy. User notified with instructions. Repeated violations may result in network access suspension. Approved software available through software center. Development software requires separate approval process.,Security & Compliance,medium | |
| SEC025,Need to implement least privilege access for administrative accounts.,Review current permissions and reduce to minimum necessary. Separate user and admin accounts. Use Just-In-Time elevation where possible. Regular review of privileged access. Monitor admin account usage. Implement approval workflow for privilege use.,Security & Compliance,high | |
| ACC021,Account synchronization delay between systems.,"Normal sync cycle is 15 minutes. Major syncs occur hourly. Emergency sync available for critical needs. Check source system (HR for employees, registrar for students). Manual override possible with approval. Report sync failures exceeding 2 hours.",Account & Access,medium | |
| ACC022,Need to access system as another user for troubleshooting.,Submit impersonation request with justification and duration. Requires manager approval. Logging of all actions performed. Limited to 4 hours maximum. Emergency impersonation available for critical systems. Regular audit of impersonation logs.,Account & Access,high | |
| ACC023,Digital certificate expiration causing access issues.,Renew certificate before expiration date. Self-service portal for certificate renewal. Test new certificate in staging environment. Update all applications using certificate. Monitor for expiration warnings 30 days in advance. Emergency certificate issuance available.,Account & Access,high | |
| ACC024,Biometric authentication not working consistently.,"Clean sensor and retry enrollment. Update biometric drivers. Some changes (weight, injury) may require re-enrollment. Alternative authentication methods available. Biometric data stored locally only. Technical support for hardware issues.",Account & Access,medium | |
| ACC025,Access request workflow automation needed.,Use identity management system for automated provisioning. Define roles and approval workflows. Integration with HR system for joiner/mover/leaver processes. Self-service access requests with manager approval. Regular access certifications. Audit trail for compliance.,Account & Access,low | |
| SOF021,Software compatibility issues after OS upgrade.,Check software vendor for compatibility statement. Some software requires specific OS versions. Virtualization or compatibility mode may help. Contact software vendor for patches. Legacy software may need replacement. Test in isolated environment before deployment.,Software & Applications,high | |
| SOF022,Need to automate software deployment across department.,"Use software distribution system (SCCM, Jamf). Package software with silent install options. Test deployment on pilot group first. Schedule deployments during maintenance windows. Provide user notifications. Rollback plan essential.",Software & Applications,medium | |
| SOF023,Software license server not responding.,Check license server status page. Restart license manager service. Verify network connectivity to server. Check license file expiration. Failover to backup server if configured. Contact vendor for license server issues.,Software & Applications,high | |
| SOF024,Custom software development for department needs.,Submit project request with requirements. Development team assesses feasibility and timeline. Agile development methodology used. User acceptance testing required. Maintenance and support agreement needed. Consider commercial off-the-shelf alternatives first.,Software & Applications,low | |
| SOF025,Software training materials and documentation.,Knowledge base articles available. Video tutorials for common tasks. In-person workshops scheduled monthly. Quick reference guides for department software. Training environment for practice. Custom training for department-specific workflows.,Software & Applications,low | |
| HRD021,Computer fan running loudly constantly.,Clean dust from vents and fans. Check for processes using high CPU. May indicate failing fan or thermal paste. Use compressed air for cleaning. Hardware diagnostics available. Replace fan if bearings failing.,Hardware & Equipment,medium | |
| HRD022,Need ergonomic assessment and equipment.,"Submit ergonomic assessment request. Specialist will evaluate workstation setup. Recommendations for chairs, desks, monitors, etc. Approved equipment available through procurement. Follow-up assessment after adjustments. Priority for medical accommodations.",Hardware & Equipment,low | |
| HRD023,Tablet device not syncing with institutional systems.,Install mobile device management profile. Ensure using institution-approved apps. Check sync settings in each app. Some systems require VPN for off-campus sync. Clear app cache and retry. Factory reset as last resort.,Hardware & Equipment,medium | |
| HRD024,Digital signage hardware not updating content.,Check network connectivity of signage player. Restart signage software. Verify content schedule is active. Update signage player software. Test with simple content first. Contact digital signage team for support.,Hardware & Equipment,medium | |
| HRD025,Conference room AV system integration issues.,Check control system programming. Update firmware on all components. Test each component individually. Cabling may need verification. Room may need re-calibration. Contact AV integration specialist.,Hardware & Equipment,medium | |
| EML021,Email search returning too many results.,"Use advanced search operators (from:, subject:, has:attachment). Specify date ranges. Search within specific folders. Use Boolean operators (AND, OR, NOT). Index may need rebuilding for precise results. Consider using desktop search tools.",Email & Communication,low | |
| EML022,Need to archive departmental email for record keeping.,Use mailbox archive feature. Set retention policies for different folders. Export to PST for long-term storage. Consider using SharePoint for collaborative records. Legal hold may be required for certain communications. Consult records management for requirements.,Email & Communication,low | |
| EML023,Email client rules not executing properly.,Check rule order - rules execute in order listed. Some rules only work when client is running. Server-side vs client-side rules distinction. Test with simple rule first. Too many rules may cause conflicts. Consider using inbox rules instead of client rules.,Email & Communication,low | |
| EML024,Unsubscribe not working from mailing lists.,Use institutional mailing list management portal. Some lists require owner approval to unsubscribe. Global unsubscribe available for all institutional lists. Report spam if unsubscribe fails. Marketing emails have unsubscribe requirements by law.,Email & Communication,low | |
| EML025,Email encryption for sensitive communications.,Use 'Encrypt' option in Outlook for internal emails. External recipients receive portal link for secure viewing. Encrypted email subject line indicates secure message. Training available on proper use. Some data types require mandatory encryption. Audit logging of encrypted messages.,Email & Communication,medium | |
| DAT021,Data deduplication to save storage space.,Enabled on primary storage arrays. Deduplication ratios typically 2:1 to 10:1. Backup storage has additional deduplication. Not suitable for already compressed data. Performance impact minimal. Reporting available on space savings.,Data Management,low | |
| DAT022,Need to implement data loss prevention for department.,"Define sensitive data patterns for your department. Create DLP policies with appropriate actions (block, encrypt, notify). Test policies in audit mode first. Train users on data handling. Regular review of DLP incidents. Adjust policies based on false positives.",Data Management,medium | |
| DAT023,Database replication for high availability.,Transactional replication for reporting databases. Merge replication for distributed updates. Snapshot replication for reference data. Log shipping for disaster recovery. Monitor replication latency. Failover testing required quarterly.,Data Management,high | |
| DAT024,Data quality monitoring and cleansing.,"Implement data validation rules at entry points. Regular data quality audits. Automated cleansing routines for known issues. Data steward responsible for quality. Metrics for data completeness, accuracy, timeliness. Continuous improvement process.",Data Management,medium | |
| DAT025,File share permissions too complex to manage.,Simplify using group-based permissions. Regular permission reviews and cleanup. Implement inheritance where possible. Document permission structure. Consider migrating to SharePoint for better management. Automated permission reporting.,Data Management,medium | |
| SYS021,System imaging not working for new computer models.,Update driver repository for new hardware. Modify task sequences for different models. Test imaging on pilot devices first. Some hardware requires specific driver injection. BIOS settings may need standardization. Contact imaging team for new model support.,System Administration,high | |
| SYS022,Need to automate server patching process.,Use patch management system for scheduling. Create maintenance windows for different server groups. Pre-production testing before production deployment. Backout plans for failed patches. Compliance reporting. Emergency patching process for critical vulnerabilities.,System Administration,medium | |
| SYS023,System performance baseline deviation detected.,Compare current metrics to established baseline. Check for recent changes or updates. Monitor for trending degradation. Performance tuning may be required. Consider capacity increase if growth-related. Root cause analysis for sudden changes.,System Administration,medium | |
| SYS024,Virtual machine resource contention issues.,Check host resource utilization. Right-size VMs based on actual usage. Implement resource pools and limits. Consider vMotion to less loaded host. Monitor for noisy neighbor VMs. Regular capacity planning for virtualization cluster.,System Administration,medium | |
| SYS025,Need to implement configuration management database.,Define CI (Configuration Item) types and relationships. Automate discovery where possible. Establish change management integration. Use for impact analysis and incident management. Regular CMDB audits for accuracy. Training for CMDB users.,System Administration,low | |
| CLS021,Student response data not saving from classroom system.,"Check internet connectivity during session. Ensure software is logged in with correct account. Data may be stored locally until synced. Export data immediately after session. Use backup collection method (paper, alternative tool). Test data saving before important session.",Classroom/Lab Support,high | |
| CLS022,Need to schedule recurring classroom technology training.,Book through faculty development center. Monthly workshops on different topics. Department-specific sessions available. Just-in-time training before semester starts. Online resources for self-paced learning. Feedback used to improve training.,Classroom/Lab Support,low | |
| CLS023,Classroom recording quality issues (audio/video).,Check microphone placement and levels. Lighting adjustments for video quality. Camera positioning and focus. Test recording before important session. Use lapel mic for better audio. Post-production editing available for important recordings.,Classroom/Lab Support,medium | |
| CLS024,Lab software license insufficient for class size.,Submit license increase request with course details. Explore concurrent licensing options. Consider virtual lab for overflow. Schedule lab sessions in shifts. Some software has student home-use options. Budget planning for future license needs.,Classroom/Lab Support,high | |
| CLS025,Classroom technology not accessible for student with disability.,Contact disability services for accommodations. Adjustable furniture available. Assistive technology installed on request. Training for faculty on inclusive technology use. Pre-class testing with student if possible. Alternative formats for materials.,Classroom/Lab Support,high | |
| GEN021,IT service catalog not up to date.,Service owners responsible for catalog updates. Quarterly review cycle for all services. Change management for service modifications. Customer feedback incorporated. Training for service owners on catalog management. Automated notifications for service changes.,General IT Support,low | |
| GEN022,Need to benchmark IT services against peer institutions.,"Participate in industry benchmarking surveys. Peer comparisons available through consortiums. Focus on service quality, cost, and innovation. Action plans for areas needing improvement. Regular benchmarking (annual or bi-annual). Share results with stakeholders.",General IT Support,low | |
| GEN023,IT communication strategy for major changes.,Multi-channel communication plan. Early notification for disruptive changes. Clear explanation of benefits and impacts. Feedback mechanism for concerns. Training and support resources. Post-implementation follow-up.,General IT Support,medium | |
| GEN024,Managing expectations for IT service delivery.,Clear service level agreements published. Realistic timelines communicated. Regular progress updates. Managing scope changes formally. Customer education on IT processes. Transparent reporting on performance.,General IT Support,low | |
| GEN025,IT innovation lab or sandbox environment.,Dedicated environment for testing new technologies. Available to faculty and students for innovation projects. Limited support for experimental setups. Regular showcases of innovative projects. Connection to academic programs. Resource allocation based on proposal.,General IT Support,low | |
| NET026,Network segmentation for research lab security.,Submit network segmentation request with security requirements. Isolated VLAN with controlled access points. Firewall rules between segments. Monitoring for unusual cross-segment traffic. Regular security reviews. Segmentation based on data sensitivity.,Network & Connectivity,high | |
| NET027,Load balancing configuration for high-traffic web service.,Global load balancer for geographic distribution. Health checks for backend servers. SSL termination at load balancer. Session persistence configuration. Auto-scaling integration. Performance monitoring and alerting.,Network & Connectivity,medium | |
| NET028,Multicast networking for video streaming applications.,Enable multicast routing on network devices. Configure IGMP snooping. Bandwidth allocation for multicast traffic. Source-specific multicast for security. Testing in isolated network first. Not all network segments support multicast.,Network & Connectivity,medium | |
| NET029,Network time protocol (NTP) synchronization issues.,"Use institutional NTP servers (ntp1.institution.edu, ntp2.institution.edu). Configure clients to sync regularly. Check firewall rules for port 123. Stratum 1 time sources available. Monitoring for time drift. Critical for authentication and logging.",Network & Connectivity,medium | |
| NET030,Wireless mesh network for outdoor areas.,Outdoor wireless access points with mesh capability. Weatherproof enclosures and lightning protection. Coverage maps for planning. Bandwidth planning for expected usage. Maintenance schedule for outdoor equipment. Emergency power backup.,Network & Connectivity,low | |
| SEC026,Third-party security assessment for vendor software.,Require vendor to provide recent security assessment. Independent penetration testing for critical systems. Review of security controls and practices. Contractual security requirements. Regular re-assessment for ongoing services. Risk acceptance for any deficiencies.,Security & Compliance,high | |
| SEC027,Security operations center (SOC) monitoring alerts.,24/7 monitoring of security events. Tiered response structure. Automated alert correlation. Threat intelligence integration. Regular threat hunting exercises. Metrics for detection and response times.,Security & Compliance,critical | |
| SEC028,Digital forensics investigation procedures.,Preserve chain of evidence. Imaging of affected systems. Timeline analysis of events. Correlation across multiple systems. Legal hold considerations. Expert testimony preparation if needed.,Security & Compliance,critical | |
| SEC029,Security architecture review for new application.,Threat modeling during design phase. Security requirements specification. Code review for security flaws. Penetration testing before production. Security training for development team. Ongoing security monitoring post-deployment.,Security & Compliance,high | |
| SEC030,Zero trust network access implementation.,Identity-based access control. Micro-segmentation of network. Continuous authentication. Device health checking. Least privilege access. Monitoring and analytics.,Security & Compliance,medium | |
| ACC026,Just-in-time access provisioning for temporary needs.,Time-bound access requests. Automated approval workflows. Self-service access requests. Automatic revocation after duration. Usage monitoring during access period. Integration with project management tools.,Account & Access,medium | |
| ACC027,Access certification campaign management.,Regular access reviews for all systems. Manager certification of employee access. Exception management process. Automated reminders and escalations. Compliance reporting. Continuous improvement based on findings.,Account & Access,medium | |
| ACC028,Privileged access management (PAM) solution.,Vault for privileged credentials. Session recording and monitoring. Just-in-time elevation. Approval workflow for privileged access. Integration with ticketing system. Regular audit of privileged access.,Account & Access,high | |
| ACC029,Multi-factor authentication fatigue attacks.,Implement number matching in MFA prompts. Limit MFA attempts. User education on MFA attacks. Context-aware authentication. Monitoring for unusual MFA patterns. Alternative authentication methods available.,Account & Access,high | |
| ACC030,Identity governance for compliance requirements.,Define identity lifecycle processes. Role-based access control. Segregation of duties controls. Access certification automation. Audit trail for compliance reporting. Regular policy reviews.,Account & Access,medium | |
| SOF026,Software bill of materials (SBOM) requirements.,Generate SBOM for all developed software. Include open source and third-party components. Vulnerability assessment based on SBOM. Supply chain security tracking. Required for certain compliance standards. Integration with security tools.,Software & Applications,medium | |
| SOF027,Container security scanning and management.,Scan container images for vulnerabilities. Use trusted base images. Regular updates of container images. Runtime security monitoring. Registry scanning for compliance. Integration with CI/CD pipeline.,Software & Applications,high | |
| SOF028,Software vulnerability management process.,Regular vulnerability scanning. Risk-based prioritization of fixes. Patching timelines based on severity. Testing patches before deployment. Emergency patching process. Reporting on vulnerability status.,Software & Applications,high | |
| SOF029,API security testing and protection.,Authentication and authorization for all APIs. Rate limiting and throttling. Input validation and sanitization. Regular security testing of APIs. API gateway for centralized security. Monitoring for abnormal API usage.,Software & Applications,high | |
| SOF030,Software supply chain security measures.,Verify integrity of downloaded software. Use signed packages from trusted sources. Dependency checking for vulnerabilities. Build process security. Delivery integrity verification. Incident response for supply chain attacks.,Software & Applications,critical | |
| HRD026,Hardware security module (HSM) for cryptographic operations.,Dedicated HSM for key management. FIPS 140-2 validated devices. Integration with applications requiring crypto. Regular firmware updates. Physical security requirements. Backup and recovery procedures.,Hardware & Equipment,high | |
| HRD027,Industrial control system (ICS) security for labs.,Network segmentation from general campus network. Specialized security controls for ICS. Regular vulnerability assessments. Physical access controls. Incident response plan for ICS. Training for lab personnel.,Hardware & Equipment,high | |
| HRD028,Hardware tamper detection and response.,Tamper-evident seals on critical equipment. Physical intrusion detection. Remote wipe capability for mobile devices. Hardware security features (TPM). Regular physical inspections. Incident response for suspected tampering.,Hardware & Equipment,critical | |
| HRD029,Supply chain security for hardware procurement.,Vendor security assessments. Hardware authenticity verification. Firmware integrity checking. Secure delivery and installation. Monitoring for counterfeit components. Lifecycle management including secure disposal.,Hardware & Equipment,medium | |
| HRD030,Hardware-based authentication tokens.,FIDO2 security keys for phishing-resistant authentication. Smart cards for physical access and login. Token management system. Loss/theft reporting procedures. Backup authentication methods. User training on token use.,Hardware & Equipment,medium | |
| EML026,Email authentication failures causing delivery issues.,"Check SPF, DKIM, DMARC configuration. Ensure sending infrastructure included in SPF. Monitor authentication reports. Warm-up new IP addresses for email sending. Test authentication before bulk sends. Contact email administrators for configuration help.",Email & Communication,high | |
| EML027,Email continuity during outage or maintenance.,Webmail access typically remains available during client outages. Mobile access may work when desktop client fails. Critical communications have alternative channels. Planned maintenance announced in advance. Emergency communications via text alert system. Business continuity planning for extended outages.,Email & Communication,critical | |
| EML028,Cross-tenant communication with external organizations.,Configure external federation if supported. Secure mail gateway for inter-organizational email. Consider encrypted email for sensitive communications. Testing with target organizations. Monitoring for delivery failures. Alternative communication methods for critical messages.,Email & Communication,medium | |
| EML029,Email data sovereignty and residency requirements.,Understand data residency requirements for your data. Institutional email typically resides in regionally located datacenters. Special arrangements possible for sensitive research data. Contractual terms with email provider. Regular compliance verification. User awareness of data location.,Email & Communication,medium | |
| EML030,Email security awareness training effectiveness.,Regular phishing simulation tests. Training completion tracking. Behavior monitoring for click rates. Continuous improvement of training content. Metrics for reduction in security incidents. Tailored training for high-risk groups.,Email & Communication,medium | |
| DAT026,Data catalog for institutional data assets.,Inventory of data assets across institution. Metadata management for discoverability. Data lineage tracking. Data quality indicators. Access request workflow. Integration with analytics tools.,Data Management,low | |
| DAT027,Data masking for non-production environments.,Automated data masking for sensitive fields. Referential integrity preservation. Format-preserving encryption options. Performance testing with masked data. Compliance with data protection regulations. Regular validation of masking effectiveness.,Data Management,medium | |
| DAT028,Blockchain for academic credential verification.,Pilot program for digital diplomas. Integration with student information system. Verification portal for employers. Standards compliance (W3C Verifiable Credentials). User control of credential sharing. Long-term preservation considerations.,Data Management,low | |
| DAT029,Data lake architecture for research analytics.,Centralized repository for structured and unstructured data. Schema-on-read flexibility. Integration with research data sources. Analytics tools and visualization. Data governance framework. Scalable storage and compute.,Data Management,medium | |
| DAT030,Data ethics framework for research projects.,Ethics review for data collection and use. Informed consent processes. Data minimization principles. Bias detection and mitigation. Transparency in data practices. Ongoing ethics oversight.,Data Management,high | |
| SYS026,Infrastructure as code for cloud provisioning.,Terraform or CloudFormation templates. Version control for infrastructure code. Automated testing of infrastructure changes. Consistent environments across stages. Cost optimization through code. Security scanning of infrastructure code.,System Administration,medium | |
| SYS027,Service mesh implementation for microservices.,Istio or Linkerd for service-to-service communication. Traffic management and load balancing. Security policies between services. Observability and monitoring. Canary deployments. Performance optimization.,System Administration,medium | |
| SYS028,GitOps for continuous deployment.,Git as single source of truth for infrastructure and apps. Automated synchronization to target environments. Pull request workflow for changes. Rollback through git revert. Compliance through git history. Integration with CI/CD pipeline.,System Administration,medium | |
| SYS029,Observability platform implementation.,"Metrics, logs, and traces in unified platform. Real-time monitoring and alerting. Historical analysis and trending. Correlation across telemetry sources. AIOps for anomaly detection. Cost optimization for observability data.",System Administration,medium | |
| SYS030,Chaos engineering for system resilience.,Controlled experiments to test system resilience. Failure injection in pre-production. Measurement of system behavior under stress. Learning and improvement from experiments. Gradual expansion to production. Integration with incident response.,System Administration,medium | |
| CLS026,Immersive technology (VR/AR) in classrooms.,Dedicated VR/AR lab available. Curriculum integration support. Equipment checkout for classes. Technical support for setup. Content development resources. Assessment of learning outcomes.,Classroom/Lab Support,low | |
| CLS027,Learning analytics integration with LMS.,Data extraction from learning management system. Analytics dashboard for instructors. Early alert system for at-risk students. Privacy-preserving analytics. Training on data interpretation. Continuous improvement based on insights.,Classroom/Lab Support,medium | |
| CLS028,Digital proctoring solution implementation.,Multiple proctoring options available. Faculty training on effective use. Student orientation on requirements. Accessibility accommodations. Privacy and data protection. Technical support during exams.,Classroom/Lab Support,high | |
| CLS029,Classroom response system integration with gradebook.,Automatic grade synchronization. Attendance tracking. Participation scoring. Data export for analysis. Privacy controls for student data. Training on effective use for assessment.,Classroom/Lab Support,medium | |
| CLS030,Accessible course material creation tools.,Templates for accessible documents. Automated accessibility checking. Alternative format creation. Captioning and transcription services. Training on accessible design. Regular audits of course materials.,Classroom/Lab Support,medium | |
| GEN026,IT sustainability and carbon footprint reduction.,Energy-efficient hardware procurement. Data center cooling optimization. Server virtualization for consolidation. Cloud migration for efficiency. Equipment lifecycle extension. Renewable energy sourcing.,General IT Support,low | |
| GEN027,Digital transformation strategy for administrative processes.,Process analysis and optimization. Technology selection for digitization. Change management for adoption. Metrics for transformation success. Continuous improvement cycle. Stakeholder engagement throughout.,General IT Support,low | |
| GEN028,IT talent development and retention strategies.,Career path development. Training and certification programs. Mentoring and coaching. Competitive compensation. Flexible work arrangements. Recognition and rewards.,General IT Support,low | |
| GEN029,IT risk management framework.,Risk identification and assessment. Risk treatment strategies. Risk monitoring and reporting. Integration with enterprise risk management. Regular risk reviews. Risk-aware decision making.,General IT Support,medium | |
| GEN030,Business continuity and disaster recovery testing.,Regular tabletop exercises. Full-scale disaster recovery tests. Lessons learned and improvement plans. Coordination with business units. Documentation updates based on tests. Compliance with regulatory requirements.,General IT Support,high | |
| NET031,Software-defined networking (SDN) implementation.,Centralized network management and automation. Dynamic traffic engineering. Network virtualization. Integration with cloud environments. Security policy automation. Skills development for network team.,Network & Connectivity,medium | |
| SEC031,Extended detection and response (XDR) platform.,Cross-domain threat detection. Automated investigation and response. Threat intelligence integration. Hunting capabilities. Compliance reporting. Integration with existing security tools.,Security & Compliance,high | |
| ACC031,Passwordless authentication implementation.,FIDO2 security keys. Windows Hello for Business. Mobile authenticator apps. Biometric authentication. Phishing resistance benefits. User education and rollout plan.,Account & Access,medium | |
| SOF031,Low-code/no-code platform governance.,Approved platforms list. Development standards and best practices. Security review process. Data governance integration. Training and support. Monitoring and audit of applications.,Software & Applications,medium | |
| HRD031,Internet of Things (IoT) device management.,IoT device registration and inventory. Network segmentation for IoT. Security baseline for IoT devices. Monitoring for anomalous behavior. Firmware update management. End-of-life planning.,Hardware & Equipment,high | |
| EML031,Email data classification and labeling.,Automatic classification based on content. Manual labeling options. Protection actions based on classification. User training on proper labeling. Compliance reporting. Integration with DLP.,Email & Communication,medium | |
| DAT031,Data fabric architecture implementation.,Unified data management across environments. Metadata-driven data integration. Self-service data access. Data quality and governance. AI/ML integration. Hybrid and multi-cloud support.,Data Management,medium | |
| SYS031,Edge computing infrastructure for research.,Low-latency processing near data sources. Integration with central cloud. Security for distributed edge nodes. Management and monitoring. Use cases identification. Cost-benefit analysis.,System Administration,medium | |
| CLS031,Adaptive learning platform integration.,Personalized learning paths. Integration with existing LMS. Content development support. Analytics on learning effectiveness. Faculty training. Student orientation.,Classroom/Lab Support,medium | |
| GEN031,IT service management (ITSM) maturity assessment.,Current state assessment against best practices. Gap analysis and improvement roadmap. Process optimization. Technology tool evaluation. Metrics for maturity progression. Regular reassessment.,General IT Support,low | |
| NET021,How to set up a secure wireless access point for a department event?,"Submit temporary wireless network request at least 5 business days in advance. Provide event details, expected attendees, duration, and security requirements. Guest network will be provisioned with unique SSID and password. Bandwidth limits apply. Network automatically disabled after event. Technical support available during event.",Network & Connectivity,medium | |
| NET022,Cannot access network resources after changing office location.,New network port may need activation. Submit port activation request with building and room number. VLAN configuration may differ between locations. Update static IP if assigned. Network profile may need refreshing. Allow 2 business days for port activation.,Network & Connectivity,medium | |
| NET023,Internet connectivity lost after power outage.,Check if network equipment has power. Wait 10 minutes for automatic recovery. Reboot network switch if accessible. Report building-wide outages to facilities. Critical network equipment has UPS backup. Contact IT if not restored within 30 minutes.,Network & Connectivity,high | |
| NET024,How to configure QoS for video conferencing traffic?,"QoS automatically applied for recognized video conferencing services (Zoom, Teams). Ensure using institution-approved services. Wired connection recommended for critical meetings. Home network QoS not managed by institution. For special events, request priority bandwidth allocation.",Network & Connectivity,low | |
| NET025,Network latency issues affecting real-time applications.,Run traceroute to identify bottleneck. Check if using WiFi vs wired connection. Background updates may be consuming bandwidth. Test during different times of day. Some applications have specific port requirements. Contact IT with traceroute results for investigation.,Network & Connectivity,medium | |
| SEC021,How to conduct a security risk assessment for a new project?,"Submit project security assessment request early in planning. Include system architecture, data types, users, and integrations. Security team provides threat modeling and controls recommendations. Follow secure development lifecycle. Regular security reviews throughout project. Final security sign-off required before launch.",Security & Compliance,medium | |
| SEC022,Need to comply with GDPR for international research data.,Data protection impact assessment required. Implement data minimization and pseudonymization. Data processing agreements needed for international transfers. Designate data protection officer contact. Right to erasure procedures. Regular compliance audits.,Security & Compliance,high | |
| SEC023,Social engineering attempt detected - caller asking for credentials.,Do NOT provide any information. Note caller details and report immediately to IT Security. Alert department colleagues. Review security awareness training. These attempts often increase during semester starts. IT may send campus-wide alert if pattern detected.,Security & Compliance,critical | |
| SEC024,Unauthorized software installation detected on network.,Software will be automatically removed if violates policy. User notified with instructions. Repeated violations may result in network access suspension. Approved software available through software center. Development software requires separate approval process.,Security & Compliance,medium | |
| SEC025,Need to implement least privilege access for administrative accounts.,Review current permissions and reduce to minimum necessary. Separate user and admin accounts. Use Just-In-Time elevation where possible. Regular review of privileged access. Monitor admin account usage. Implement approval workflow for privilege use.,Security & Compliance,high | |
| ACC021,Account synchronization delay between systems.,"Normal sync cycle is 15 minutes. Major syncs occur hourly. Emergency sync available for critical needs. Check source system (HR for employees, registrar for students). Manual override possible with approval. Report sync failures exceeding 2 hours.",Account & Access,medium | |
| ACC022,Need to access system as another user for troubleshooting.,Submit impersonation request with justification and duration. Requires manager approval. Logging of all actions performed. Limited to 4 hours maximum. Emergency impersonation available for critical systems. Regular audit of impersonation logs.,Account & Access,high | |
| ACC023,Digital certificate expiration causing access issues.,Renew certificate before expiration date. Self-service portal for certificate renewal. Test new certificate in staging environment. Update all applications using certificate. Monitor for expiration warnings 30 days in advance. Emergency certificate issuance available.,Account & Access,high | |
| ACC024,Biometric authentication not working consistently.,"Clean sensor and retry enrollment. Update biometric drivers. Some changes (weight, injury) may require re-enrollment. Alternative authentication methods available. Biometric data stored locally only. Technical support for hardware issues.",Account & Access,medium | |
| ACC025,Access request workflow automation needed.,Use identity management system for automated provisioning. Define roles and approval workflows. Integration with HR system for joiner/mover/leaver processes. Self-service access requests with manager approval. Regular access certifications. Audit trail for compliance.,Account & Access,low | |
| SOF021,Software compatibility issues after OS upgrade.,Check software vendor for compatibility statement. Some software requires specific OS versions. Virtualization or compatibility mode may help. Contact software vendor for patches. Legacy software may need replacement. Test in isolated environment before deployment.,Software & Applications,high | |
| SOF022,Need to automate software deployment across department.,"Use software distribution system (SCCM, Jamf). Package software with silent install options. Test deployment on pilot group first. Schedule deployments during maintenance windows. Provide user notifications. Rollback plan essential.",Software & Applications,medium | |
| SOF023,Software license server not responding.,Check license server status page. Restart license manager service. Verify network connectivity to server. Check license file expiration. Failover to backup server if configured. Contact vendor for license server issues.,Software & Applications,high | |
| SOF024,Custom software development for department needs.,Submit project request with requirements. Development team assesses feasibility and timeline. Agile development methodology used. User acceptance testing required. Maintenance and support agreement needed. Consider commercial off-the-shelf alternatives first.,Software & Applications,low | |
| SOF025,Software training materials and documentation.,Knowledge base articles available. Video tutorials for common tasks. In-person workshops scheduled monthly. Quick reference guides for department software. Training environment for practice. Custom training for department-specific workflows.,Software & Applications,low | |
| HRD021,Computer fan running loudly constantly.,Clean dust from vents and fans. Check for processes using high CPU. May indicate failing fan or thermal paste. Use compressed air for cleaning. Hardware diagnostics available. Replace fan if bearings failing.,Hardware & Equipment,medium | |
| HRD022,Need ergonomic assessment and equipment.,"Submit ergonomic assessment request. Specialist will evaluate workstation setup. Recommendations for chairs, desks, monitors, etc. Approved equipment available through procurement. Follow-up assessment after adjustments. Priority for medical accommodations.",Hardware & Equipment,low | |
| HRD023,Tablet device not syncing with institutional systems.,Install mobile device management profile. Ensure using institution-approved apps. Check sync settings in each app. Some systems require VPN for off-campus sync. Clear app cache and retry. Factory reset as last resort.,Hardware & Equipment,medium | |
| HRD024,Digital signage hardware not updating content.,Check network connectivity of signage player. Restart signage software. Verify content schedule is active. Update signage player software. Test with simple content first. Contact digital signage team for support.,Hardware & Equipment,medium | |
| HRD025,Conference room AV system integration issues.,Check control system programming. Update firmware on all components. Test each component individually. Cabling may need verification. Room may need re-calibration. Contact AV integration specialist.,Hardware & Equipment,medium | |
| EML021,Email search returning too many results.,"Use advanced search operators (from:, subject:, has:attachment). Specify date ranges. Search within specific folders. Use Boolean operators (AND, OR, NOT). Index may need rebuilding for precise results. Consider using desktop search tools.",Email & Communication,low | |
| EML022,Need to archive departmental email for record keeping.,Use mailbox archive feature. Set retention policies for different folders. Export to PST for long-term storage. Consider using SharePoint for collaborative records. Legal hold may be required for certain communications. Consult records management for requirements.,Email & Communication,low | |
| EML023,Email client rules not executing properly.,Check rule order - rules execute in order listed. Some rules only work when client is running. Server-side vs client-side rules distinction. Test with simple rule first. Too many rules may cause conflicts. Consider using inbox rules instead of client rules.,Email & Communication,low | |
| EML024,Unsubscribe not working from mailing lists.,Use institutional mailing list management portal. Some lists require owner approval to unsubscribe. Global unsubscribe available for all institutional lists. Report spam if unsubscribe fails. Marketing emails have unsubscribe requirements by law.,Email & Communication,low | |
| EML025,Email encryption for sensitive communications.,Use 'Encrypt' option in Outlook for internal emails. External recipients receive portal link for secure viewing. Encrypted email subject line indicates secure message. Training available on proper use. Some data types require mandatory encryption. Audit logging of encrypted messages.,Email & Communication,medium | |
| DAT021,Data deduplication to save storage space.,Enabled on primary storage arrays. Deduplication ratios typically 2:1 to 10:1. Backup storage has additional deduplication. Not suitable for already compressed data. Performance impact minimal. Reporting available on space savings.,Data Management,low | |
| DAT022,Need to implement data loss prevention for department.,"Define sensitive data patterns for your department. Create DLP policies with appropriate actions (block, encrypt, notify). Test policies in audit mode first. Train users on data handling. Regular review of DLP incidents. Adjust policies based on false positives.",Data Management,medium | |
| DAT023,Database replication for high availability.,Transactional replication for reporting databases. Merge replication for distributed updates. Snapshot replication for reference data. Log shipping for disaster recovery. Monitor replication latency. Failover testing required quarterly.,Data Management,high | |
| DAT024,Data quality monitoring and cleansing.,"Implement data validation rules at entry points. Regular data quality audits. Automated cleansing routines for known issues. Data steward responsible for quality. Metrics for data completeness, accuracy, timeliness. Continuous improvement process.",Data Management,medium | |
| DAT025,File share permissions too complex to manage.,Simplify using group-based permissions. Regular permission reviews and cleanup. Implement inheritance where possible. Document permission structure. Consider migrating to SharePoint for better management. Automated permission reporting.,Data Management,medium | |
| SYS021,System imaging not working for new computer models.,Update driver repository for new hardware. Modify task sequences for different models. Test imaging on pilot devices first. Some hardware requires specific driver injection. BIOS settings may need standardization. Contact imaging team for new model support.,System Administration,high | |
| SYS022,Need to automate server patching process.,Use patch management system for scheduling. Create maintenance windows for different server groups. Pre-production testing before production deployment. Backout plans for failed patches. Compliance reporting. Emergency patching process for critical vulnerabilities.,System Administration,medium | |
| SYS023,System performance baseline deviation detected.,Compare current metrics to established baseline. Check for recent changes or updates. Monitor for trending degradation. Performance tuning may be required. Consider capacity increase if growth-related. Root cause analysis for sudden changes.,System Administration,medium | |
| SYS024,Virtual machine resource contention issues.,Check host resource utilization. Right-size VMs based on actual usage. Implement resource pools and limits. Consider vMotion to less loaded host. Monitor for noisy neighbor VMs. Regular capacity planning for virtualization cluster.,System Administration,medium | |
| SYS025,Need to implement configuration management database.,Define CI (Configuration Item) types and relationships. Automate discovery where possible. Establish change management integration. Use for impact analysis and incident management. Regular CMDB audits for accuracy. Training for CMDB users.,System Administration,low | |
| CLS021,Student response data not saving from classroom system.,"Check internet connectivity during session. Ensure software is logged in with correct account. Data may be stored locally until synced. Export data immediately after session. Use backup collection method (paper, alternative tool). Test data saving before important session.",Classroom/Lab Support,high | |
| CLS022,Need to schedule recurring classroom technology training.,Book through faculty development center. Monthly workshops on different topics. Department-specific sessions available. Just-in-time training before semester starts. Online resources for self-paced learning. Feedback used to improve training.,Classroom/Lab Support,low | |
| CLS023,Classroom recording quality issues (audio/video).,Check microphone placement and levels. Lighting adjustments for video quality. Camera positioning and focus. Test recording before important session. Use lapel mic for better audio. Post-production editing available for important recordings.,Classroom/Lab Support,medium | |
| CLS024,Lab software license insufficient for class size.,Submit license increase request with course details. Explore concurrent licensing options. Consider virtual lab for overflow. Schedule lab sessions in shifts. Some software has student home-use options. Budget planning for future license needs.,Classroom/Lab Support,high | |
| CLS025,Classroom technology not accessible for student with disability.,Contact disability services for accommodations. Adjustable furniture available. Assistive technology installed on request. Training for faculty on inclusive technology use. Pre-class testing with student if possible. Alternative formats for materials.,Classroom/Lab Support,high | |
| GEN021,IT service catalog not up to date.,Service owners responsible for catalog updates. Quarterly review cycle for all services. Change management for service modifications. Customer feedback incorporated. Training for service owners on catalog management. Automated notifications for service changes.,General IT Support,low | |
| GEN022,Need to benchmark IT services against peer institutions.,"Participate in industry benchmarking surveys. Peer comparisons available through consortiums. Focus on service quality, cost, and innovation. Action plans for areas needing improvement. Regular benchmarking (annual or bi-annual). Share results with stakeholders.",General IT Support,low | |
| GEN023,IT communication strategy for major changes.,Multi-channel communication plan. Early notification for disruptive changes. Clear explanation of benefits and impacts. Feedback mechanism for concerns. Training and support resources. Post-implementation follow-up.,General IT Support,medium | |
| GEN024,Managing expectations for IT service delivery.,Clear service level agreements published. Realistic timelines communicated. Regular progress updates. Managing scope changes formally. Customer education on IT processes. Transparent reporting on performance.,General IT Support,low | |
| GEN025,IT innovation lab or sandbox environment.,Dedicated environment for testing new technologies. Available to faculty and students for innovation projects. Limited support for experimental setups. Regular showcases of innovative projects. Connection to academic programs. Resource allocation based on proposal.,General IT Support,low | |
| NET026,Network segmentation for research lab security.,Submit network segmentation request with security requirements. Isolated VLAN with controlled access points. Firewall rules between segments. Monitoring for unusual cross-segment traffic. Regular security reviews. Segmentation based on data sensitivity.,Network & Connectivity,high | |
| NET027,Load balancing configuration for high-traffic web service.,Global load balancer for geographic distribution. Health checks for backend servers. SSL termination at load balancer. Session persistence configuration. Auto-scaling integration. Performance monitoring and alerting.,Network & Connectivity,medium | |
| NET028,Multicast networking for video streaming applications.,Enable multicast routing on network devices. Configure IGMP snooping. Bandwidth allocation for multicast traffic. Source-specific multicast for security. Testing in isolated network first. Not all network segments support multicast.,Network & Connectivity,medium | |
| NET029,Network time protocol (NTP) synchronization issues.,"Use institutional NTP servers (ntp1.institution.edu, ntp2.institution.edu). Configure clients to sync regularly. Check firewall rules for port 123. Stratum 1 time sources available. Monitoring for time drift. Critical for authentication and logging.",Network & Connectivity,medium | |
| NET030,Wireless mesh network for outdoor areas.,Outdoor wireless access points with mesh capability. Weatherproof enclosures and lightning protection. Coverage maps for planning. Bandwidth planning for expected usage. Maintenance schedule for outdoor equipment. Emergency power backup.,Network & Connectivity,low | |
| SEC026,Third-party security assessment for vendor software.,Require vendor to provide recent security assessment. Independent penetration testing for critical systems. Review of security controls and practices. Contractual security requirements. Regular re-assessment for ongoing services. Risk acceptance for any deficiencies.,Security & Compliance,high | |
| SEC027,Security operations center (SOC) monitoring alerts.,24/7 monitoring of security events. Tiered response structure. Automated alert correlation. Threat intelligence integration. Regular threat hunting exercises. Metrics for detection and response times.,Security & Compliance,critical | |
| SEC028,Digital forensics investigation procedures.,Preserve chain of evidence. Imaging of affected systems. Timeline analysis of events. Correlation across multiple systems. Legal hold considerations. Expert testimony preparation if needed.,Security & Compliance,critical | |
| SEC029,Security architecture review for new application.,Threat modeling during design phase. Security requirements specification. Code review for security flaws. Penetration testing before production. Security training for development team. Ongoing security monitoring post-deployment.,Security & Compliance,high | |
| SEC030,Zero trust network access implementation.,Identity-based access control. Micro-segmentation of network. Continuous authentication. Device health checking. Least privilege access. Monitoring and analytics.,Security & Compliance,medium | |
| ACC026,Just-in-time access provisioning for temporary needs.,Time-bound access requests. Automated approval workflows. Self-service access requests. Automatic revocation after duration. Usage monitoring during access period. Integration with project management tools.,Account & Access,medium | |
| ACC027,Access certification campaign management.,Regular access reviews for all systems. Manager certification of employee access. Exception management process. Automated reminders and escalations. Compliance reporting. Continuous improvement based on findings.,Account & Access,medium | |
| ACC028,Privileged access management (PAM) solution.,Vault for privileged credentials. Session recording and monitoring. Just-in-time elevation. Approval workflow for privileged access. Integration with ticketing system. Regular audit of privileged access.,Account & Access,high | |
| ACC029,Multi-factor authentication fatigue attacks.,Implement number matching in MFA prompts. Limit MFA attempts. User education on MFA attacks. Context-aware authentication. Monitoring for unusual MFA patterns. Alternative authentication methods available.,Account & Access,high | |
| ACC030,Identity governance for compliance requirements.,Define identity lifecycle processes. Role-based access control. Segregation of duties controls. Access certification automation. Audit trail for compliance reporting. Regular policy reviews.,Account & Access,medium | |
| SOF026,Software bill of materials (SBOM) requirements.,Generate SBOM for all developed software. Include open source and third-party components. Vulnerability assessment based on SBOM. Supply chain security tracking. Required for certain compliance standards. Integration with security tools.,Software & Applications,medium | |
| SOF027,Container security scanning and management.,Scan container images for vulnerabilities. Use trusted base images. Regular updates of container images. Runtime security monitoring. Registry scanning for compliance. Integration with CI/CD pipeline.,Software & Applications,high | |
| SOF028,Software vulnerability management process.,Regular vulnerability scanning. Risk-based prioritization of fixes. Patching timelines based on severity. Testing patches before deployment. Emergency patching process. Reporting on vulnerability status.,Software & Applications,high | |
| SOF029,API security testing and protection.,Authentication and authorization for all APIs. Rate limiting and throttling. Input validation and sanitization. Regular security testing of APIs. API gateway for centralized security. Monitoring for abnormal API usage.,Software & Applications,high | |
| SOF030,Software supply chain security measures.,Verify integrity of downloaded software. Use signed packages from trusted sources. Dependency checking for vulnerabilities. Build process security. Delivery integrity verification. Incident response for supply chain attacks.,Software & Applications,critical | |
| HRD026,Hardware security module (HSM) for cryptographic operations.,Dedicated HSM for key management. FIPS 140-2 validated devices. Integration with applications requiring crypto. Regular firmware updates. Physical security requirements. Backup and recovery procedures.,Hardware & Equipment,high | |
| HRD027,Industrial control system (ICS) security for labs.,Network segmentation from general campus network. Specialized security controls for ICS. Regular vulnerability assessments. Physical access controls. Incident response plan for ICS. Training for lab personnel.,Hardware & Equipment,high | |
| HRD028,Hardware tamper detection and response.,Tamper-evident seals on critical equipment. Physical intrusion detection. Remote wipe capability for mobile devices. Hardware security features (TPM). Regular physical inspections. Incident response for suspected tampering.,Hardware & Equipment,critical | |
| HRD029,Supply chain security for hardware procurement.,Vendor security assessments. Hardware authenticity verification. Firmware integrity checking. Secure delivery and installation. Monitoring for counterfeit components. Lifecycle management including secure disposal.,Hardware & Equipment,medium | |
| HRD030,Hardware-based authentication tokens.,FIDO2 security keys for phishing-resistant authentication. Smart cards for physical access and login. Token management system. Loss/theft reporting procedures. Backup authentication methods. User training on token use.,Hardware & Equipment,medium | |
| EML026,Email authentication failures causing delivery issues.,"Check SPF, DKIM, DMARC configuration. Ensure sending infrastructure included in SPF. Monitor authentication reports. Warm-up new IP addresses for email sending. Test authentication before bulk sends. Contact email administrators for configuration help.",Email & Communication,high | |
| EML027,Email continuity during outage or maintenance.,Webmail access typically remains available during client outages. Mobile access may work when desktop client fails. Critical communications have alternative channels. Planned maintenance announced in advance. Emergency communications via text alert system. Business continuity planning for extended outages.,Email & Communication,critical | |
| EML028,Cross-tenant communication with external organizations.,Configure external federation if supported. Secure mail gateway for inter-organizational email. Consider encrypted email for sensitive communications. Testing with target organizations. Monitoring for delivery failures. Alternative communication methods for critical messages.,Email & Communication,medium | |
| EML029,Email data sovereignty and residency requirements.,Understand data residency requirements for your data. Institutional email typically resides in regionally located datacenters. Special arrangements possible for sensitive research data. Contractual terms with email provider. Regular compliance verification. User awareness of data location.,Email & Communication,medium | |
| EML030,Email security awareness training effectiveness.,Regular phishing simulation tests. Training completion tracking. Behavior monitoring for click rates. Continuous improvement of training content. Metrics for reduction in security incidents. Tailored training for high-risk groups.,Email & Communication,medium | |
| DAT026,Data catalog for institutional data assets.,Inventory of data assets across institution. Metadata management for discoverability. Data lineage tracking. Data quality indicators. Access request workflow. Integration with analytics tools.,Data Management,low | |
| DAT027,Data masking for non-production environments.,Automated data masking for sensitive fields. Referential integrity preservation. Format-preserving encryption options. Performance testing with masked data. Compliance with data protection regulations. Regular validation of masking effectiveness.,Data Management,medium | |
| DAT028,Blockchain for academic credential verification.,Pilot program for digital diplomas. Integration with student information system. Verification portal for employers. Standards compliance (W3C Verifiable Credentials). User control of credential sharing. Long-term preservation considerations.,Data Management,low | |
| DAT029,Data lake architecture for research analytics.,Centralized repository for structured and unstructured data. Schema-on-read flexibility. Integration with research data sources. Analytics tools and visualization. Data governance framework. Scalable storage and compute.,Data Management,medium | |
| DAT030,Data ethics framework for research projects.,Ethics review for data collection and use. Informed consent processes. Data minimization principles. Bias detection and mitigation. Transparency in data practices. Ongoing ethics oversight.,Data Management,high | |
| SYS026,Infrastructure as code for cloud provisioning.,Terraform or CloudFormation templates. Version control for infrastructure code. Automated testing of infrastructure changes. Consistent environments across stages. Cost optimization through code. Security scanning of infrastructure code.,System Administration,medium | |
| SYS027,Service mesh implementation for microservices.,Istio or Linkerd for service-to-service communication. Traffic management and load balancing. Security policies between services. Observability and monitoring. Canary deployments. Performance optimization.,System Administration,medium | |
| SYS028,GitOps for continuous deployment.,Git as single source of truth for infrastructure and apps. Automated synchronization to target environments. Pull request workflow for changes. Rollback through git revert. Compliance through git history. Integration with CI/CD pipeline.,System Administration,medium | |
| SYS029,Observability platform implementation.,"Metrics, logs, and traces in unified platform. Real-time monitoring and alerting. Historical analysis and trending. Correlation across telemetry sources. AIOps for anomaly detection. Cost optimization for observability data.",System Administration,medium | |
| SYS030,Chaos engineering for system resilience.,Controlled experiments to test system resilience. Failure injection in pre-production. Measurement of system behavior under stress. Learning and improvement from experiments. Gradual expansion to production. Integration with incident response.,System Administration,medium | |
| CLS026,Immersive technology (VR/AR) in classrooms.,Dedicated VR/AR lab available. Curriculum integration support. Equipment checkout for classes. Technical support for setup. Content development resources. Assessment of learning outcomes.,Classroom/Lab Support,low | |
| CLS027,Learning analytics integration with LMS.,Data extraction from learning management system. Analytics dashboard for instructors. Early alert system for at-risk students. Privacy-preserving analytics. Training on data interpretation. Continuous improvement based on insights.,Classroom/Lab Support,medium | |
| CLS028,Digital proctoring solution implementation.,Multiple proctoring options available. Faculty training on effective use. Student orientation on requirements. Accessibility accommodations. Privacy and data protection. Technical support during exams.,Classroom/Lab Support,high | |
| CLS029,Classroom response system integration with gradebook.,Automatic grade synchronization. Attendance tracking. Participation scoring. Data export for analysis. Privacy controls for student data. Training on effective use for assessment.,Classroom/Lab Support,medium | |
| CLS030,Accessible course material creation tools.,Templates for accessible documents. Automated accessibility checking. Alternative format creation. Captioning and transcription services. Training on accessible design. Regular audits of course materials.,Classroom/Lab Support,medium | |
| GEN026,IT sustainability and carbon footprint reduction.,Energy-efficient hardware procurement. Data center cooling optimization. Server virtualization for consolidation. Cloud migration for efficiency. Equipment lifecycle extension. Renewable energy sourcing.,General IT Support,low | |
| GEN027,Digital transformation strategy for administrative processes.,Process analysis and optimization. Technology selection for digitization. Change management for adoption. Metrics for transformation success. Continuous improvement cycle. Stakeholder engagement throughout.,General IT Support,low | |
| GEN028,IT talent development and retention strategies.,Career path development. Training and certification programs. Mentoring and coaching. Competitive compensation. Flexible work arrangements. Recognition and rewards.,General IT Support,low | |
| GEN029,IT risk management framework.,Risk identification and assessment. Risk treatment strategies. Risk monitoring and reporting. Integration with enterprise risk management. Regular risk reviews. Risk-aware decision making.,General IT Support,medium | |
| GEN030,Business continuity and disaster recovery testing.,Regular tabletop exercises. Full-scale disaster recovery tests. Lessons learned and improvement plans. Coordination with business units. Documentation updates based on tests. Compliance with regulatory requirements.,General IT Support,high | |
| NET031,Software-defined networking (SDN) implementation.,Centralized network management and automation. Dynamic traffic engineering. Network virtualization. Integration with cloud environments. Security policy automation. Skills development for network team.,Network & Connectivity,medium | |
| SEC031,Extended detection and response (XDR) platform.,Cross-domain threat detection. Automated investigation and response. Threat intelligence integration. Hunting capabilities. Compliance reporting. Integration with existing security tools.,Security & Compliance,high | |
| ACC031,Passwordless authentication implementation.,FIDO2 security keys. Windows Hello for Business. Mobile authenticator apps. Biometric authentication. Phishing resistance benefits. User education and rollout plan.,Account & Access,medium | |
| SOF031,Low-code/no-code platform governance.,Approved platforms list. Development standards and best practices. Security review process. Data governance integration. Training and support. Monitoring and audit of applications.,Software & Applications,medium | |
| HRD031,Internet of Things (IoT) device management.,IoT device registration and inventory. Network segmentation for IoT. Security baseline for IoT devices. Monitoring for anomalous behavior. Firmware update management. End-of-life planning.,Hardware & Equipment,high | |
| EML031,Email data classification and labeling.,Automatic classification based on content. Manual labeling options. Protection actions based on classification. User training on proper labeling. Compliance reporting. Integration with DLP.,Email & Communication,medium | |
| DAT031,Data fabric architecture implementation.,Unified data management across environments. Metadata-driven data integration. Self-service data access. Data quality and governance. AI/ML integration. Hybrid and multi-cloud support.,Data Management,medium | |
| SYS031,Edge computing infrastructure for research.,Low-latency processing near data sources. Integration with central cloud. Security for distributed edge nodes. Management and monitoring. Use cases identification. Cost-benefit analysis.,System Administration,medium | |
| CLS031,Adaptive learning platform integration.,Personalized learning paths. Integration with existing LMS. Content development support. Analytics on learning effectiveness. Faculty training. Student orientation.,Classroom/Lab Support,medium | |
| GEN031,IT service management (ITSM) maturity assessment.,Current state assessment against best practices. Gap analysis and improvement roadmap. Process optimization. Technology tool evaluation. Metrics for maturity progression. Regular reassessment.,General IT Support,low | |
| NET021,How to set up a secure wireless access point for a department event?,"Submit temporary wireless network request at least 5 business days in advance. Provide event details, expected attendees, duration, and security requirements. Guest network will be provisioned with unique SSID and password. Bandwidth limits apply. Network automatically disabled after event. Technical support available during event.",Network & Connectivity,medium | |
| NET022,Cannot access network resources after changing office location.,New network port may need activation. Submit port activation request with building and room number. VLAN configuration may differ between locations. Update static IP if assigned. Network profile may need refreshing. Allow 2 business days for port activation.,Network & Connectivity,medium | |
| NET023,Internet connectivity lost after power outage.,Check if network equipment has power. Wait 10 minutes for automatic recovery. Reboot network switch if accessible. Report building-wide outages to facilities. Critical network equipment has UPS backup. Contact IT if not restored within 30 minutes.,Network & Connectivity,high | |
| NET024,How to configure QoS for video conferencing traffic?,"QoS automatically applied for recognized video conferencing services (Zoom, Teams). Ensure using institution-approved services. Wired connection recommended for critical meetings. Home network QoS not managed by institution. For special events, request priority bandwidth allocation.",Network & Connectivity,low | |
| NET025,Network latency issues affecting real-time applications.,Run traceroute to identify bottleneck. Check if using WiFi vs wired connection. Background updates may be consuming bandwidth. Test during different times of day. Some applications have specific port requirements. Contact IT with traceroute results for investigation.,Network & Connectivity,medium | |
| SEC021,How to conduct a security risk assessment for a new project?,"Submit project security assessment request early in planning. Include system architecture, data types, users, and integrations. Security team provides threat modeling and controls recommendations. Follow secure development lifecycle. Regular security reviews throughout project. Final security sign-off required before launch.",Security & Compliance,medium | |
| SEC022,Need to comply with GDPR for international research data.,Data protection impact assessment required. Implement data minimization and pseudonymization. Data processing agreements needed for international transfers. Designate data protection officer contact. Right to erasure procedures. Regular compliance audits.,Security & Compliance,high | |
| SEC023,Social engineering attempt detected - caller asking for credentials.,Do NOT provide any information. Note caller details and report immediately to IT Security. Alert department colleagues. Review security awareness training. These attempts often increase during semester starts. IT may send campus-wide alert if pattern detected.,Security & Compliance,critical | |
| SEC024,Unauthorized software installation detected on network.,Software will be automatically removed if violates policy. User notified with instructions. Repeated violations may result in network access suspension. Approved software available through software center. Development software requires separate approval process.,Security & Compliance,medium | |
| SEC025,Need to implement least privilege access for administrative accounts.,Review current permissions and reduce to minimum necessary. Separate user and admin accounts. Use Just-In-Time elevation where possible. Regular review of privileged access. Monitor admin account usage. Implement approval workflow for privilege use.,Security & Compliance,high | |
| ACC021,Account synchronization delay between systems.,"Normal sync cycle is 15 minutes. Major syncs occur hourly. Emergency sync available for critical needs. Check source system (HR for employees, registrar for students). Manual override possible with approval. Report sync failures exceeding 2 hours.",Account & Access,medium | |
| ACC022,Need to access system as another user for troubleshooting.,Submit impersonation request with justification and duration. Requires manager approval. Logging of all actions performed. Limited to 4 hours maximum. Emergency impersonation available for critical systems. Regular audit of impersonation logs.,Account & Access,high | |
| ACC023,Digital certificate expiration causing access issues.,Renew certificate before expiration date. Self-service portal for certificate renewal. Test new certificate in staging environment. Update all applications using certificate. Monitor for expiration warnings 30 days in advance. Emergency certificate issuance available.,Account & Access,high | |
| ACC024,Biometric authentication not working consistently.,"Clean sensor and retry enrollment. Update biometric drivers. Some changes (weight, injury) may require re-enrollment. Alternative authentication methods available. Biometric data stored locally only. Technical support for hardware issues.",Account & Access,medium | |
| ACC025,Access request workflow automation needed.,Use identity management system for automated provisioning. Define roles and approval workflows. Integration with HR system for joiner/mover/leaver processes. Self-service access requests with manager approval. Regular access certifications. Audit trail for compliance.,Account & Access,low | |
| SOF021,Software compatibility issues after OS upgrade.,Check software vendor for compatibility statement. Some software requires specific OS versions. Virtualization or compatibility mode may help. Contact software vendor for patches. Legacy software may need replacement. Test in isolated environment before deployment.,Software & Applications,high | |
| SOF022,Need to automate software deployment across department.,"Use software distribution system (SCCM, Jamf). Package software with silent install options. Test deployment on pilot group first. Schedule deployments during maintenance windows. Provide user notifications. Rollback plan essential.",Software & Applications,medium | |
| SOF023,Software license server not responding.,Check license server status page. Restart license manager service. Verify network connectivity to server. Check license file expiration. Failover to backup server if configured. Contact vendor for license server issues.,Software & Applications,high | |
| SOF024,Custom software development for department needs.,Submit project request with requirements. Development team assesses feasibility and timeline. Agile development methodology used. User acceptance testing required. Maintenance and support agreement needed. Consider commercial off-the-shelf alternatives first.,Software & Applications,low | |
| SOF025,Software training materials and documentation.,Knowledge base articles available. Video tutorials for common tasks. In-person workshops scheduled monthly. Quick reference guides for department software. Training environment for practice. Custom training for department-specific workflows.,Software & Applications,low | |
| HRD021,Computer fan running loudly constantly.,Clean dust from vents and fans. Check for processes using high CPU. May indicate failing fan or thermal paste. Use compressed air for cleaning. Hardware diagnostics available. Replace fan if bearings failing.,Hardware & Equipment,medium | |
| HRD022,Need ergonomic assessment and equipment.,"Submit ergonomic assessment request. Specialist will evaluate workstation setup. Recommendations for chairs, desks, monitors, etc. Approved equipment available through procurement. Follow-up assessment after adjustments. Priority for medical accommodations.",Hardware & Equipment,low | |
| HRD023,Tablet device not syncing with institutional systems.,Install mobile device management profile. Ensure using institution-approved apps. Check sync settings in each app. Some systems require VPN for off-campus sync. Clear app cache and retry. Factory reset as last resort.,Hardware & Equipment,medium | |
| HRD024,Digital signage hardware not updating content.,Check network connectivity of signage player. Restart signage software. Verify content schedule is active. Update signage player software. Test with simple content first. Contact digital signage team for support.,Hardware & Equipment,medium | |
| HRD025,Conference room AV system integration issues.,Check control system programming. Update firmware on all components. Test each component individually. Cabling may need verification. Room may need re-calibration. Contact AV integration specialist.,Hardware & Equipment,medium | |
| EML021,Email search returning too many results.,"Use advanced search operators (from:, subject:, has:attachment). Specify date ranges. Search within specific folders. Use Boolean operators (AND, OR, NOT). Index may need rebuilding for precise results. Consider using desktop search tools.",Email & Communication,low | |
| EML022,Need to archive departmental email for record keeping.,Use mailbox archive feature. Set retention policies for different folders. Export to PST for long-term storage. Consider using SharePoint for collaborative records. Legal hold may be required for certain communications. Consult records management for requirements.,Email & Communication,low | |
| EML023,Email client rules not executing properly.,Check rule order - rules execute in order listed. Some rules only work when client is running. Server-side vs client-side rules distinction. Test with simple rule first. Too many rules may cause conflicts. Consider using inbox rules instead of client rules.,Email & Communication,low | |
| EML024,Unsubscribe not working from mailing lists.,Use institutional mailing list management portal. Some lists require owner approval to unsubscribe. Global unsubscribe available for all institutional lists. Report spam if unsubscribe fails. Marketing emails have unsubscribe requirements by law.,Email & Communication,low | |
| EML025,Email encryption for sensitive communications.,Use 'Encrypt' option in Outlook for internal emails. External recipients receive portal link for secure viewing. Encrypted email subject line indicates secure message. Training available on proper use. Some data types require mandatory encryption. Audit logging of encrypted messages.,Email & Communication,medium | |
| DAT021,Data deduplication to save storage space.,Enabled on primary storage arrays. Deduplication ratios typically 2:1 to 10:1. Backup storage has additional deduplication. Not suitable for already compressed data. Performance impact minimal. Reporting available on space savings.,Data Management,low | |
| DAT022,Need to implement data loss prevention for department.,"Define sensitive data patterns for your department. Create DLP policies with appropriate actions (block, encrypt, notify). Test policies in audit mode first. Train users on data handling. Regular review of DLP incidents. Adjust policies based on false positives.",Data Management,medium | |
| DAT023,Database replication for high availability.,Transactional replication for reporting databases. Merge replication for distributed updates. Snapshot replication for reference data. Log shipping for disaster recovery. Monitor replication latency. Failover testing required quarterly.,Data Management,high | |
| DAT024,Data quality monitoring and cleansing.,"Implement data validation rules at entry points. Regular data quality audits. Automated cleansing routines for known issues. Data steward responsible for quality. Metrics for data completeness, accuracy, timeliness. Continuous improvement process.",Data Management,medium | |
| DAT025,File share permissions too complex to manage.,Simplify using group-based permissions. Regular permission reviews and cleanup. Implement inheritance where possible. Document permission structure. Consider migrating to SharePoint for better management. Automated permission reporting.,Data Management,medium | |
| SYS021,System imaging not working for new computer models.,Update driver repository for new hardware. Modify task sequences for different models. Test imaging on pilot devices first. Some hardware requires specific driver injection. BIOS settings may need standardization. Contact imaging team for new model support.,System Administration,high | |
| SYS022,Need to automate server patching process.,Use patch management system for scheduling. Create maintenance windows for different server groups. Pre-production testing before production deployment. Backout plans for failed patches. Compliance reporting. Emergency patching process for critical vulnerabilities.,System Administration,medium | |
| SYS023,System performance baseline deviation detected.,Compare current metrics to established baseline. Check for recent changes or updates. Monitor for trending degradation. Performance tuning may be required. Consider capacity increase if growth-related. Root cause analysis for sudden changes.,System Administration,medium | |
| SYS024,Virtual machine resource contention issues.,Check host resource utilization. Right-size VMs based on actual usage. Implement resource pools and limits. Consider vMotion to less loaded host. Monitor for noisy neighbor VMs. Regular capacity planning for virtualization cluster.,System Administration,medium | |
| SYS025,Need to implement configuration management database.,Define CI (Configuration Item) types and relationships. Automate discovery where possible. Establish change management integration. Use for impact analysis and incident management. Regular CMDB audits for accuracy. Training for CMDB users.,System Administration,low | |
| CLS021,Student response data not saving from classroom system.,"Check internet connectivity during session. Ensure software is logged in with correct account. Data may be stored locally until synced. Export data immediately after session. Use backup collection method (paper, alternative tool). Test data saving before important session.",Classroom/Lab Support,high | |
| CLS022,Need to schedule recurring classroom technology training.,Book through faculty development center. Monthly workshops on different topics. Department-specific sessions available. Just-in-time training before semester starts. Online resources for self-paced learning. Feedback used to improve training.,Classroom/Lab Support,low | |
| CLS023,Classroom recording quality issues (audio/video).,Check microphone placement and levels. Lighting adjustments for video quality. Camera positioning and focus. Test recording before important session. Use lapel mic for better audio. Post-production editing available for important recordings.,Classroom/Lab Support,medium | |
| CLS024,Lab software license insufficient for class size.,Submit license increase request with course details. Explore concurrent licensing options. Consider virtual lab for overflow. Schedule lab sessions in shifts. Some software has student home-use options. Budget planning for future license needs.,Classroom/Lab Support,high | |
| CLS025,Classroom technology not accessible for student with disability.,Contact disability services for accommodations. Adjustable furniture available. Assistive technology installed on request. Training for faculty on inclusive technology use. Pre-class testing with student if possible. Alternative formats for materials.,Classroom/Lab Support,high | |
| GEN021,IT service catalog not up to date.,Service owners responsible for catalog updates. Quarterly review cycle for all services. Change management for service modifications. Customer feedback incorporated. Training for service owners on catalog management. Automated notifications for service changes.,General IT Support,low | |
| GEN022,Need to benchmark IT services against peer institutions.,"Participate in industry benchmarking surveys. Peer comparisons available through consortiums. Focus on service quality, cost, and innovation. Action plans for areas needing improvement. Regular benchmarking (annual or bi-annual). Share results with stakeholders.",General IT Support,low | |
| GEN023,IT communication strategy for major changes.,Multi-channel communication plan. Early notification for disruptive changes. Clear explanation of benefits and impacts. Feedback mechanism for concerns. Training and support resources. Post-implementation follow-up.,General IT Support,medium | |
| GEN024,Managing expectations for IT service delivery.,Clear service level agreements published. Realistic timelines communicated. Regular progress updates. Managing scope changes formally. Customer education on IT processes. Transparent reporting on performance.,General IT Support,low | |
| GEN025,IT innovation lab or sandbox environment.,Dedicated environment for testing new technologies. Available to faculty and students for innovation projects. Limited support for experimental setups. Regular showcases of innovative projects. Connection to academic programs. Resource allocation based on proposal.,General IT Support,low | |
| NET026,Network segmentation for research lab security.,Submit network segmentation request with security requirements. Isolated VLAN with controlled access points. Firewall rules between segments. Monitoring for unusual cross-segment traffic. Regular security reviews. Segmentation based on data sensitivity.,Network & Connectivity,high | |
| NET027,Load balancing configuration for high-traffic web service.,Global load balancer for geographic distribution. Health checks for backend servers. SSL termination at load balancer. Session persistence configuration. Auto-scaling integration. Performance monitoring and alerting.,Network & Connectivity,medium | |
| NET028,Multicast networking for video streaming applications.,Enable multicast routing on network devices. Configure IGMP snooping. Bandwidth allocation for multicast traffic. Source-specific multicast for security. Testing in isolated network first. Not all network segments support multicast.,Network & Connectivity,medium | |
| NET029,Network time protocol (NTP) synchronization issues.,"Use institutional NTP servers (ntp1.institution.edu, ntp2.institution.edu). Configure clients to sync regularly. Check firewall rules for port 123. Stratum 1 time sources available. Monitoring for time drift. Critical for authentication and logging.",Network & Connectivity,medium | |
| NET030,Wireless mesh network for outdoor areas.,Outdoor wireless access points with mesh capability. Weatherproof enclosures and lightning protection. Coverage maps for planning. Bandwidth planning for expected usage. Maintenance schedule for outdoor equipment. Emergency power backup.,Network & Connectivity,low | |
| SEC026,Third-party security assessment for vendor software.,Require vendor to provide recent security assessment. Independent penetration testing for critical systems. Review of security controls and practices. Contractual security requirements. Regular re-assessment for ongoing services. Risk acceptance for any deficiencies.,Security & Compliance,high | |
| SEC027,Security operations center (SOC) monitoring alerts.,24/7 monitoring of security events. Tiered response structure. Automated alert correlation. Threat intelligence integration. Regular threat hunting exercises. Metrics for detection and response times.,Security & Compliance,critical | |
| SEC028,Digital forensics investigation procedures.,Preserve chain of evidence. Imaging of affected systems. Timeline analysis of events. Correlation across multiple systems. Legal hold considerations. Expert testimony preparation if needed.,Security & Compliance,critical | |
| SEC029,Security architecture review for new application.,Threat modeling during design phase. Security requirements specification. Code review for security flaws. Penetration testing before production. Security training for development team. Ongoing security monitoring post-deployment.,Security & Compliance,high | |
| SEC030,Zero trust network access implementation.,Identity-based access control. Micro-segmentation of network. Continuous authentication. Device health checking. Least privilege access. Monitoring and analytics.,Security & Compliance,medium | |
| ACC026,Just-in-time access provisioning for temporary needs.,Time-bound access requests. Automated approval workflows. Self-service access requests. Automatic revocation after duration. Usage monitoring during access period. Integration with project management tools.,Account & Access,medium | |
| ACC027,Access certification campaign management.,Regular access reviews for all systems. Manager certification of employee access. Exception management process. Automated reminders and escalations. Compliance reporting. Continuous improvement based on findings.,Account & Access,medium | |
| ACC028,Privileged access management (PAM) solution.,Vault for privileged credentials. Session recording and monitoring. Just-in-time elevation. Approval workflow for privileged access. Integration with ticketing system. Regular audit of privileged access.,Account & Access,high | |
| ACC029,Multi-factor authentication fatigue attacks.,Implement number matching in MFA prompts. Limit MFA attempts. User education on MFA attacks. Context-aware authentication. Monitoring for unusual MFA patterns. Alternative authentication methods available.,Account & Access,high | |
| ACC030,Identity governance for compliance requirements.,Define identity lifecycle processes. Role-based access control. Segregation of duties controls. Access certification automation. Audit trail for compliance reporting. Regular policy reviews.,Account & Access,medium | |
| SOF026,Software bill of materials (SBOM) requirements.,Generate SBOM for all developed software. Include open source and third-party components. Vulnerability assessment based on SBOM. Supply chain security tracking. Required for certain compliance standards. Integration with security tools.,Software & Applications,medium | |
| SOF027,Container security scanning and management.,Scan container images for vulnerabilities. Use trusted base images. Regular updates of container images. Runtime security monitoring. Registry scanning for compliance. Integration with CI/CD pipeline.,Software & Applications,high | |
| SOF028,Software vulnerability management process.,Regular vulnerability scanning. Risk-based prioritization of fixes. Patching timelines based on severity. Testing patches before deployment. Emergency patching process. Reporting on vulnerability status.,Software & Applications,high | |
| SOF029,API security testing and protection.,Authentication and authorization for all APIs. Rate limiting and throttling. Input validation and sanitization. Regular security testing of APIs. API gateway for centralized security. Monitoring for abnormal API usage.,Software & Applications,high | |
| SOF030,Software supply chain security measures.,Verify integrity of downloaded software. Use signed packages from trusted sources. Dependency checking for vulnerabilities. Build process security. Delivery integrity verification. Incident response for supply chain attacks.,Software & Applications,critical | |
| HRD026,Hardware security module (HSM) for cryptographic operations.,Dedicated HSM for key management. FIPS 140-2 validated devices. Integration with applications requiring crypto. Regular firmware updates. Physical security requirements. Backup and recovery procedures.,Hardware & Equipment,high | |
| HRD027,Industrial control system (ICS) security for labs.,Network segmentation from general campus network. Specialized security controls for ICS. Regular vulnerability assessments. Physical access controls. Incident response plan for ICS. Training for lab personnel.,Hardware & Equipment,high | |
| HRD028,Hardware tamper detection and response.,Tamper-evident seals on critical equipment. Physical intrusion detection. Remote wipe capability for mobile devices. Hardware security features (TPM). Regular physical inspections. Incident response for suspected tampering.,Hardware & Equipment,critical | |
| HRD029,Supply chain security for hardware procurement.,Vendor security assessments. Hardware authenticity verification. Firmware integrity checking. Secure delivery and installation. Monitoring for counterfeit components. Lifecycle management including secure disposal.,Hardware & Equipment,medium | |
| HRD030,Hardware-based authentication tokens.,FIDO2 security keys for phishing-resistant authentication. Smart cards for physical access and login. Token management system. Loss/theft reporting procedures. Backup authentication methods. User training on token use.,Hardware & Equipment,medium | |
| EML026,Email authentication failures causing delivery issues.,"Check SPF, DKIM, DMARC configuration. Ensure sending infrastructure included in SPF. Monitor authentication reports. Warm-up new IP addresses for email sending. Test authentication before bulk sends. Contact email administrators for configuration help.",Email & Communication,high | |
| EML027,Email continuity during outage or maintenance.,Webmail access typically remains available during client outages. Mobile access may work when desktop client fails. Critical communications have alternative channels. Planned maintenance announced in advance. Emergency communications via text alert system. Business continuity planning for extended outages.,Email & Communication,critical | |
| EML028,Cross-tenant communication with external organizations.,Configure external federation if supported. Secure mail gateway for inter-organizational email. Consider encrypted email for sensitive communications. Testing with target organizations. Monitoring for delivery failures. Alternative communication methods for critical messages.,Email & Communication,medium | |
| EML029,Email data sovereignty and residency requirements.,Understand data residency requirements for your data. Institutional email typically resides in regionally located datacenters. Special arrangements possible for sensitive research data. Contractual terms with email provider. Regular compliance verification. User awareness of data location.,Email & Communication,medium | |
| EML030,Email security awareness training effectiveness.,Regular phishing simulation tests. Training completion tracking. Behavior monitoring for click rates. Continuous improvement of training content. Metrics for reduction in security incidents. Tailored training for high-risk groups.,Email & Communication,medium | |
| DAT026,Data catalog for institutional data assets.,Inventory of data assets across institution. Metadata management for discoverability. Data lineage tracking. Data quality indicators. Access request workflow. Integration with analytics tools.,Data Management,low | |
| DAT027,Data masking for non-production environments.,Automated data masking for sensitive fields. Referential integrity preservation. Format-preserving encryption options. Performance testing with masked data. Compliance with data protection regulations. Regular validation of masking effectiveness.,Data Management,medium | |
| DAT028,Blockchain for academic credential verification.,Pilot program for digital diplomas. Integration with student information system. Verification portal for employers. Standards compliance (W3C Verifiable Credentials). User control of credential sharing. Long-term preservation considerations.,Data Management,low | |
| DAT029,Data lake architecture for research analytics.,Centralized repository for structured and unstructured data. Schema-on-read flexibility. Integration with research data sources. Analytics tools and visualization. Data governance framework. Scalable storage and compute.,Data Management,medium | |
| DAT030,Data ethics framework for research projects.,Ethics review for data collection and use. Informed consent processes. Data minimization principles. Bias detection and mitigation. Transparency in data practices. Ongoing ethics oversight.,Data Management,high | |
| SYS026,Infrastructure as code for cloud provisioning.,Terraform or CloudFormation templates. Version control for infrastructure code. Automated testing of infrastructure changes. Consistent environments across stages. Cost optimization through code. Security scanning of infrastructure code.,System Administration,medium | |
| SYS027,Service mesh implementation for microservices.,Istio or Linkerd for service-to-service communication. Traffic management and load balancing. Security policies between services. Observability and monitoring. Canary deployments. Performance optimization.,System Administration,medium | |
| SYS028,GitOps for continuous deployment.,Git as single source of truth for infrastructure and apps. Automated synchronization to target environments. Pull request workflow for changes. Rollback through git revert. Compliance through git history. Integration with CI/CD pipeline.,System Administration,medium | |
| SYS029,Observability platform implementation.,"Metrics, logs, and traces in unified platform. Real-time monitoring and alerting. Historical analysis and trending. Correlation across telemetry sources. AIOps for anomaly detection. Cost optimization for observability data.",System Administration,medium | |
| SYS030,Chaos engineering for system resilience.,Controlled experiments to test system resilience. Failure injection in pre-production. Measurement of system behavior under stress. Learning and improvement from experiments. Gradual expansion to production. Integration with incident response.,System Administration,medium | |
| CLS026,Immersive technology (VR/AR) in classrooms.,Dedicated VR/AR lab available. Curriculum integration support. Equipment checkout for classes. Technical support for setup. Content development resources. Assessment of learning outcomes.,Classroom/Lab Support,low | |
| CLS027,Learning analytics integration with LMS.,Data extraction from learning management system. Analytics dashboard for instructors. Early alert system for at-risk students. Privacy-preserving analytics. Training on data interpretation. Continuous improvement based on insights.,Classroom/Lab Support,medium | |
| CLS028,Digital proctoring solution implementation.,Multiple proctoring options available. Faculty training on effective use. Student orientation on requirements. Accessibility accommodations. Privacy and data protection. Technical support during exams.,Classroom/Lab Support,high | |
| CLS029,Classroom response system integration with gradebook.,Automatic grade synchronization. Attendance tracking. Participation scoring. Data export for analysis. Privacy controls for student data. Training on effective use for assessment.,Classroom/Lab Support,medium | |
| CLS030,Accessible course material creation tools.,Templates for accessible documents. Automated accessibility checking. Alternative format creation. Captioning and transcription services. Training on accessible design. Regular audits of course materials.,Classroom/Lab Support,medium | |
| GEN026,IT sustainability and carbon footprint reduction.,Energy-efficient hardware procurement. Data center cooling optimization. Server virtualization for consolidation. Cloud migration for efficiency. Equipment lifecycle extension. Renewable energy sourcing.,General IT Support,low | |
| GEN027,Digital transformation strategy for administrative processes.,Process analysis and optimization. Technology selection for digitization. Change management for adoption. Metrics for transformation success. Continuous improvement cycle. Stakeholder engagement throughout.,General IT Support,low | |
| GEN028,IT talent development and retention strategies.,Career path development. Training and certification programs. Mentoring and coaching. Competitive compensation. Flexible work arrangements. Recognition and rewards.,General IT Support,low | |
| GEN029,IT risk management framework.,Risk identification and assessment. Risk treatment strategies. Risk monitoring and reporting. Integration with enterprise risk management. Regular risk reviews. Risk-aware decision making.,General IT Support,medium | |
| GEN030,Business continuity and disaster recovery testing.,Regular tabletop exercises. Full-scale disaster recovery tests. Lessons learned and improvement plans. Coordination with business units. Documentation updates based on tests. Compliance with regulatory requirements.,General IT Support,high | |
| NET031,Software-defined networking (SDN) implementation.,Centralized network management and automation. Dynamic traffic engineering. Network virtualization. Integration with cloud environments. Security policy automation. Skills development for network team.,Network & Connectivity,medium | |
| SEC031,Extended detection and response (XDR) platform.,Cross-domain threat detection. Automated investigation and response. Threat intelligence integration. Hunting capabilities. Compliance reporting. Integration with existing security tools.,Security & Compliance,high | |
| ACC031,Passwordless authentication implementation.,FIDO2 security keys. Windows Hello for Business. Mobile authenticator apps. Biometric authentication. Phishing resistance benefits. User education and rollout plan.,Account & Access,medium | |
| SOF031,Low-code/no-code platform governance.,Approved platforms list. Development standards and best practices. Security review process. Data governance integration. Training and support. Monitoring and audit of applications.,Software & Applications,medium | |
| HRD031,Internet of Things (IoT) device management.,IoT device registration and inventory. Network segmentation for IoT. Security baseline for IoT devices. Monitoring for anomalous behavior. Firmware update management. End-of-life planning.,Hardware & Equipment,high | |
| EML031,Email data classification and labeling.,Automatic classification based on content. Manual labeling options. Protection actions based on classification. User training on proper labeling. Compliance reporting. Integration with DLP.,Email & Communication,medium | |
| DAT031,Data fabric architecture implementation.,Unified data management across environments. Metadata-driven data integration. Self-service data access. Data quality and governance. AI/ML integration. Hybrid and multi-cloud support.,Data Management,medium | |
| SYS031,Edge computing infrastructure for research.,Low-latency processing near data sources. Integration with central cloud. Security for distributed edge nodes. Management and monitoring. Use cases identification. Cost-benefit analysis.,System Administration,medium | |
| CLS031,Adaptive learning platform integration.,Personalized learning paths. Integration with existing LMS. Content development support. Analytics on learning effectiveness. Faculty training. Student orientation.,Classroom/Lab Support,medium | |
| GEN031,IT service management (ITSM) maturity assessment.,Current state assessment against best practices. Gap analysis and improvement roadmap. Process optimization. Technology tool evaluation. Metrics for maturity progression. Regular reassessment.,General IT Support,low | |
| NET021,How to set up a secure wireless access point for a department event?,"Submit temporary wireless network request at least 5 business days in advance. Provide event details, expected attendees, duration, and security requirements. Guest network will be provisioned with unique SSID and password. Bandwidth limits apply. Network automatically disabled after event. Technical support available during event.",Network & Connectivity,medium | |
| NET022,Cannot access network resources after changing office location.,New network port may need activation. Submit port activation request with building and room number. VLAN configuration may differ between locations. Update static IP if assigned. Network profile may need refreshing. Allow 2 business days for port activation.,Network & Connectivity,medium | |
| NET023,Internet connectivity lost after power outage.,Check if network equipment has power. Wait 10 minutes for automatic recovery. Reboot network switch if accessible. Report building-wide outages to facilities. Critical network equipment has UPS backup. Contact IT if not restored within 30 minutes.,Network & Connectivity,high | |
| NET024,How to configure QoS for video conferencing traffic?,"QoS automatically applied for recognized video conferencing services (Zoom, Teams). Ensure using institution-approved services. Wired connection recommended for critical meetings. Home network QoS not managed by institution. For special events, request priority bandwidth allocation.",Network & Connectivity,low | |
| NET025,Network latency issues affecting real-time applications.,Run traceroute to identify bottleneck. Check if using WiFi vs wired connection. Background updates may be consuming bandwidth. Test during different times of day. Some applications have specific port requirements. Contact IT with traceroute results for investigation.,Network & Connectivity,medium | |
| SEC021,How to conduct a security risk assessment for a new project?,"Submit project security assessment request early in planning. Include system architecture, data types, users, and integrations. Security team provides threat modeling and controls recommendations. Follow secure development lifecycle. Regular security reviews throughout project. Final security sign-off required before launch.",Security & Compliance,medium | |
| SEC022,Need to comply with GDPR for international research data.,Data protection impact assessment required. Implement data minimization and pseudonymization. Data processing agreements needed for international transfers. Designate data protection officer contact. Right to erasure procedures. Regular compliance audits.,Security & Compliance,high | |
| SEC023,Social engineering attempt detected - caller asking for credentials.,Do NOT provide any information. Note caller details and report immediately to IT Security. Alert department colleagues. Review security awareness training. These attempts often increase during semester starts. IT may send campus-wide alert if pattern detected.,Security & Compliance,critical | |
| SEC024,Unauthorized software installation detected on network.,Software will be automatically removed if violates policy. User notified with instructions. Repeated violations may result in network access suspension. Approved software available through software center. Development software requires separate approval process.,Security & Compliance,medium | |
| SEC025,Need to implement least privilege access for administrative accounts.,Review current permissions and reduce to minimum necessary. Separate user and admin accounts. Use Just-In-Time elevation where possible. Regular review of privileged access. Monitor admin account usage. Implement approval workflow for privilege use.,Security & Compliance,high | |
| ACC021,Account synchronization delay between systems.,"Normal sync cycle is 15 minutes. Major syncs occur hourly. Emergency sync available for critical needs. Check source system (HR for employees, registrar for students). Manual override possible with approval. Report sync failures exceeding 2 hours.",Account & Access,medium | |
| ACC022,Need to access system as another user for troubleshooting.,Submit impersonation request with justification and duration. Requires manager approval. Logging of all actions performed. Limited to 4 hours maximum. Emergency impersonation available for critical systems. Regular audit of impersonation logs.,Account & Access,high | |
| ACC023,Digital certificate expiration causing access issues.,Renew certificate before expiration date. Self-service portal for certificate renewal. Test new certificate in staging environment. Update all applications using certificate. Monitor for expiration warnings 30 days in advance. Emergency certificate issuance available.,Account & Access,high | |
| ACC024,Biometric authentication not working consistently.,"Clean sensor and retry enrollment. Update biometric drivers. Some changes (weight, injury) may require re-enrollment. Alternative authentication methods available. Biometric data stored locally only. Technical support for hardware issues.",Account & Access,medium | |
| ACC025,Access request workflow automation needed.,Use identity management system for automated provisioning. Define roles and approval workflows. Integration with HR system for joiner/mover/leaver processes. Self-service access requests with manager approval. Regular access certifications. Audit trail for compliance.,Account & Access,low | |
| SOF021,Software compatibility issues after OS upgrade.,Check software vendor for compatibility statement. Some software requires specific OS versions. Virtualization or compatibility mode may help. Contact software vendor for patches. Legacy software may need replacement. Test in isolated environment before deployment.,Software & Applications,high | |
| SOF022,Need to automate software deployment across department.,"Use software distribution system (SCCM, Jamf). Package software with silent install options. Test deployment on pilot group first. Schedule deployments during maintenance windows. Provide user notifications. Rollback plan essential.",Software & Applications,medium | |
| SOF023,Software license server not responding.,Check license server status page. Restart license manager service. Verify network connectivity to server. Check license file expiration. Failover to backup server if configured. Contact vendor for license server issues.,Software & Applications,high | |
| SOF024,Custom software development for department needs.,Submit project request with requirements. Development team assesses feasibility and timeline. Agile development methodology used. User acceptance testing required. Maintenance and support agreement needed. Consider commercial off-the-shelf alternatives first.,Software & Applications,low | |
| SOF025,Software training materials and documentation.,Knowledge base articles available. Video tutorials for common tasks. In-person workshops scheduled monthly. Quick reference guides for department software. Training environment for practice. Custom training for department-specific workflows.,Software & Applications,low | |
| HRD021,Computer fan running loudly constantly.,Clean dust from vents and fans. Check for processes using high CPU. May indicate failing fan or thermal paste. Use compressed air for cleaning. Hardware diagnostics available. Replace fan if bearings failing.,Hardware & Equipment,medium | |
| HRD022,Need ergonomic assessment and equipment.,"Submit ergonomic assessment request. Specialist will evaluate workstation setup. Recommendations for chairs, desks, monitors, etc. Approved equipment available through procurement. Follow-up assessment after adjustments. Priority for medical accommodations.",Hardware & Equipment,low | |
| HRD023,Tablet device not syncing with institutional systems.,Install mobile device management profile. Ensure using institution-approved apps. Check sync settings in each app. Some systems require VPN for off-campus sync. Clear app cache and retry. Factory reset as last resort.,Hardware & Equipment,medium | |
| HRD024,Digital signage hardware not updating content.,Check network connectivity of signage player. Restart signage software. Verify content schedule is active. Update signage player software. Test with simple content first. Contact digital signage team for support.,Hardware & Equipment,medium | |
| HRD025,Conference room AV system integration issues.,Check control system programming. Update firmware on all components. Test each component individually. Cabling may need verification. Room may need re-calibration. Contact AV integration specialist.,Hardware & Equipment,medium | |
| EML021,Email search returning too many results.,"Use advanced search operators (from:, subject:, has:attachment). Specify date ranges. Search within specific folders. Use Boolean operators (AND, OR, NOT). Index may need rebuilding for precise results. Consider using desktop search tools.",Email & Communication,low | |
| EML022,Need to archive departmental email for record keeping.,Use mailbox archive feature. Set retention policies for different folders. Export to PST for long-term storage. Consider using SharePoint for collaborative records. Legal hold may be required for certain communications. Consult records management for requirements.,Email & Communication,low | |
| EML023,Email client rules not executing properly.,Check rule order - rules execute in order listed. Some rules only work when client is running. Server-side vs client-side rules distinction. Test with simple rule first. Too many rules may cause conflicts. Consider using inbox rules instead of client rules.,Email & Communication,low | |
| EML024,Unsubscribe not working from mailing lists.,Use institutional mailing list management portal. Some lists require owner approval to unsubscribe. Global unsubscribe available for all institutional lists. Report spam if unsubscribe fails. Marketing emails have unsubscribe requirements by law.,Email & Communication,low | |
| EML025,Email encryption for sensitive communications.,Use 'Encrypt' option in Outlook for internal emails. External recipients receive portal link for secure viewing. Encrypted email subject line indicates secure message. Training available on proper use. Some data types require mandatory encryption. Audit logging of encrypted messages.,Email & Communication,medium | |
| DAT021,Data deduplication to save storage space.,Enabled on primary storage arrays. Deduplication ratios typically 2:1 to 10:1. Backup storage has additional deduplication. Not suitable for already compressed data. Performance impact minimal. Reporting available on space savings.,Data Management,low | |
| DAT022,Need to implement data loss prevention for department.,"Define sensitive data patterns for your department. Create DLP policies with appropriate actions (block, encrypt, notify). Test policies in audit mode first. Train users on data handling. Regular review of DLP incidents. Adjust policies based on false positives.",Data Management,medium | |
| DAT023,Database replication for high availability.,Transactional replication for reporting databases. Merge replication for distributed updates. Snapshot replication for reference data. Log shipping for disaster recovery. Monitor replication latency. Failover testing required quarterly.,Data Management,high | |
| DAT024,Data quality monitoring and cleansing.,"Implement data validation rules at entry points. Regular data quality audits. Automated cleansing routines for known issues. Data steward responsible for quality. Metrics for data completeness, accuracy, timeliness. Continuous improvement process.",Data Management,medium | |
| DAT025,File share permissions too complex to manage.,Simplify using group-based permissions. Regular permission reviews and cleanup. Implement inheritance where possible. Document permission structure. Consider migrating to SharePoint for better management. Automated permission reporting.,Data Management,medium | |
| SYS021,System imaging not working for new computer models.,Update driver repository for new hardware. Modify task sequences for different models. Test imaging on pilot devices first. Some hardware requires specific driver injection. BIOS settings may need standardization. Contact imaging team for new model support.,System Administration,high | |
| SYS022,Need to automate server patching process.,Use patch management system for scheduling. Create maintenance windows for different server groups. Pre-production testing before production deployment. Backout plans for failed patches. Compliance reporting. Emergency patching process for critical vulnerabilities.,System Administration,medium | |
| SYS023,System performance baseline deviation detected.,Compare current metrics to established baseline. Check for recent changes or updates. Monitor for trending degradation. Performance tuning may be required. Consider capacity increase if growth-related. Root cause analysis for sudden changes.,System Administration,medium | |
| SYS024,Virtual machine resource contention issues.,Check host resource utilization. Right-size VMs based on actual usage. Implement resource pools and limits. Consider vMotion to less loaded host. Monitor for noisy neighbor VMs. Regular capacity planning for virtualization cluster.,System Administration,medium | |
| SYS025,Need to implement configuration management database.,Define CI (Configuration Item) types and relationships. Automate discovery where possible. Establish change management integration. Use for impact analysis and incident management. Regular CMDB audits for accuracy. Training for CMDB users.,System Administration,low | |
| CLS021,Student response data not saving from classroom system.,"Check internet connectivity during session. Ensure software is logged in with correct account. Data may be stored locally until synced. Export data immediately after session. Use backup collection method (paper, alternative tool). Test data saving before important session.",Classroom/Lab Support,high | |
| CLS022,Need to schedule recurring classroom technology training.,Book through faculty development center. Monthly workshops on different topics. Department-specific sessions available. Just-in-time training before semester starts. Online resources for self-paced learning. Feedback used to improve training.,Classroom/Lab Support,low | |
| CLS023,Classroom recording quality issues (audio/video).,Check microphone placement and levels. Lighting adjustments for video quality. Camera positioning and focus. Test recording before important session. Use lapel mic for better audio. Post-production editing available for important recordings.,Classroom/Lab Support,medium | |
| CLS024,Lab software license insufficient for class size.,Submit license increase request with course details. Explore concurrent licensing options. Consider virtual lab for overflow. Schedule lab sessions in shifts. Some software has student home-use options. Budget planning for future license needs.,Classroom/Lab Support,high | |
| CLS025,Classroom technology not accessible for student with disability.,Contact disability services for accommodations. Adjustable furniture available. Assistive technology installed on request. Training for faculty on inclusive technology use. Pre-class testing with student if possible. Alternative formats for materials.,Classroom/Lab Support,high | |
| GEN021,IT service catalog not up to date.,Service owners responsible for catalog updates. Quarterly review cycle for all services. Change management for service modifications. Customer feedback incorporated. Training for service owners on catalog management. Automated notifications for service changes.,General IT Support,low | |
| GEN022,Need to benchmark IT services against peer institutions.,"Participate in industry benchmarking surveys. Peer comparisons available through consortiums. Focus on service quality, cost, and innovation. Action plans for areas needing improvement. Regular benchmarking (annual or bi-annual). Share results with stakeholders.",General IT Support,low | |
| GEN023,IT communication strategy for major changes.,Multi-channel communication plan. Early notification for disruptive changes. Clear explanation of benefits and impacts. Feedback mechanism for concerns. Training and support resources. Post-implementation follow-up.,General IT Support,medium | |
| GEN024,Managing expectations for IT service delivery.,Clear service level agreements published. Realistic timelines communicated. Regular progress updates. Managing scope changes formally. Customer education on IT processes. Transparent reporting on performance.,General IT Support,low | |
| GEN025,IT innovation lab or sandbox environment.,Dedicated environment for testing new technologies. Available to faculty and students for innovation projects. Limited support for experimental setups. Regular showcases of innovative projects. Connection to academic programs. Resource allocation based on proposal.,General IT Support,low | |
| NET026,Network segmentation for research lab security.,Submit network segmentation request with security requirements. Isolated VLAN with controlled access points. Firewall rules between segments. Monitoring for unusual cross-segment traffic. Regular security reviews. Segmentation based on data sensitivity.,Network & Connectivity,high | |
| NET027,Load balancing configuration for high-traffic web service.,Global load balancer for geographic distribution. Health checks for backend servers. SSL termination at load balancer. Session persistence configuration. Auto-scaling integration. Performance monitoring and alerting.,Network & Connectivity,medium | |
| NET028,Multicast networking for video streaming applications.,Enable multicast routing on network devices. Configure IGMP snooping. Bandwidth allocation for multicast traffic. Source-specific multicast for security. Testing in isolated network first. Not all network segments support multicast.,Network & Connectivity,medium | |
| NET029,Network time protocol (NTP) synchronization issues.,"Use institutional NTP servers (ntp1.institution.edu, ntp2.institution.edu). Configure clients to sync regularly. Check firewall rules for port 123. Stratum 1 time sources available. Monitoring for time drift. Critical for authentication and logging.",Network & Connectivity,medium | |
| NET030,Wireless mesh network for outdoor areas.,Outdoor wireless access points with mesh capability. Weatherproof enclosures and lightning protection. Coverage maps for planning. Bandwidth planning for expected usage. Maintenance schedule for outdoor equipment. Emergency power backup.,Network & Connectivity,low | |
| SEC026,Third-party security assessment for vendor software.,Require vendor to provide recent security assessment. Independent penetration testing for critical systems. Review of security controls and practices. Contractual security requirements. Regular re-assessment for ongoing services. Risk acceptance for any deficiencies.,Security & Compliance,high | |
| SEC027,Security operations center (SOC) monitoring alerts.,24/7 monitoring of security events. Tiered response structure. Automated alert correlation. Threat intelligence integration. Regular threat hunting exercises. Metrics for detection and response times.,Security & Compliance,critical | |
| SEC028,Digital forensics investigation procedures.,Preserve chain of evidence. Imaging of affected systems. Timeline analysis of events. Correlation across multiple systems. Legal hold considerations. Expert testimony preparation if needed.,Security & Compliance,critical | |
| SEC029,Security architecture review for new application.,Threat modeling during design phase. Security requirements specification. Code review for security flaws. Penetration testing before production. Security training for development team. Ongoing security monitoring post-deployment.,Security & Compliance,high | |
| SEC030,Zero trust network access implementation.,Identity-based access control. Micro-segmentation of network. Continuous authentication. Device health checking. Least privilege access. Monitoring and analytics.,Security & Compliance,medium | |
| ACC026,Just-in-time access provisioning for temporary needs.,Time-bound access requests. Automated approval workflows. Self-service access requests. Automatic revocation after duration. Usage monitoring during access period. Integration with project management tools.,Account & Access,medium | |
| ACC027,Access certification campaign management.,Regular access reviews for all systems. Manager certification of employee access. Exception management process. Automated reminders and escalations. Compliance reporting. Continuous improvement based on findings.,Account & Access,medium | |
| ACC028,Privileged access management (PAM) solution.,Vault for privileged credentials. Session recording and monitoring. Just-in-time elevation. Approval workflow for privileged access. Integration with ticketing system. Regular audit of privileged access.,Account & Access,high | |
| ACC029,Multi-factor authentication fatigue attacks.,Implement number matching in MFA prompts. Limit MFA attempts. User education on MFA attacks. Context-aware authentication. Monitoring for unusual MFA patterns. Alternative authentication methods available.,Account & Access,high | |
| ACC030,Identity governance for compliance requirements.,Define identity lifecycle processes. Role-based access control. Segregation of duties controls. Access certification automation. Audit trail for compliance reporting. Regular policy reviews.,Account & Access,medium | |
| SOF026,Software bill of materials (SBOM) requirements.,Generate SBOM for all developed software. Include open source and third-party components. Vulnerability assessment based on SBOM. Supply chain security tracking. Required for certain compliance standards. Integration with security tools.,Software & Applications,medium | |
| SOF027,Container security scanning and management.,Scan container images for vulnerabilities. Use trusted base images. Regular updates of container images. Runtime security monitoring. Registry scanning for compliance. Integration with CI/CD pipeline.,Software & Applications,high | |
| SOF028,Software vulnerability management process.,Regular vulnerability scanning. Risk-based prioritization of fixes. Patching timelines based on severity. Testing patches before deployment. Emergency patching process. Reporting on vulnerability status.,Software & Applications,high | |
| SOF029,API security testing and protection.,Authentication and authorization for all APIs. Rate limiting and throttling. Input validation and sanitization. Regular security testing of APIs. API gateway for centralized security. Monitoring for abnormal API usage.,Software & Applications,high | |
| SOF030,Software supply chain security measures.,Verify integrity of downloaded software. Use signed packages from trusted sources. Dependency checking for vulnerabilities. Build process security. Delivery integrity verification. Incident response for supply chain attacks.,Software & Applications,critical | |
| HRD026,Hardware security module (HSM) for cryptographic operations.,Dedicated HSM for key management. FIPS 140-2 validated devices. Integration with applications requiring crypto. Regular firmware updates. Physical security requirements. Backup and recovery procedures.,Hardware & Equipment,high | |
| HRD027,Industrial control system (ICS) security for labs.,Network segmentation from general campus network. Specialized security controls for ICS. Regular vulnerability assessments. Physical access controls. Incident response plan for ICS. Training for lab personnel.,Hardware & Equipment,high | |
| HRD028,Hardware tamper detection and response.,Tamper-evident seals on critical equipment. Physical intrusion detection. Remote wipe capability for mobile devices. Hardware security features (TPM). Regular physical inspections. Incident response for suspected tampering.,Hardware & Equipment,critical | |
| HRD029,Supply chain security for hardware procurement.,Vendor security assessments. Hardware authenticity verification. Firmware integrity checking. Secure delivery and installation. Monitoring for counterfeit components. Lifecycle management including secure disposal.,Hardware & Equipment,medium | |
| HRD030,Hardware-based authentication tokens.,FIDO2 security keys for phishing-resistant authentication. Smart cards for physical access and login. Token management system. Loss/theft reporting procedures. Backup authentication methods. User training on token use.,Hardware & Equipment,medium | |
| EML026,Email authentication failures causing delivery issues.,"Check SPF, DKIM, DMARC configuration. Ensure sending infrastructure included in SPF. Monitor authentication reports. Warm-up new IP addresses for email sending. Test authentication before bulk sends. Contact email administrators for configuration help.",Email & Communication,high | |
| EML027,Email continuity during outage or maintenance.,Webmail access typically remains available during client outages. Mobile access may work when desktop client fails. Critical communications have alternative channels. Planned maintenance announced in advance. Emergency communications via text alert system. Business continuity planning for extended outages.,Email & Communication,critical | |
| EML028,Cross-tenant communication with external organizations.,Configure external federation if supported. Secure mail gateway for inter-organizational email. Consider encrypted email for sensitive communications. Testing with target organizations. Monitoring for delivery failures. Alternative communication methods for critical messages.,Email & Communication,medium | |
| EML029,Email data sovereignty and residency requirements.,Understand data residency requirements for your data. Institutional email typically resides in regionally located datacenters. Special arrangements possible for sensitive research data. Contractual terms with email provider. Regular compliance verification. User awareness of data location.,Email & Communication,medium | |
| EML030,Email security awareness training effectiveness.,Regular phishing simulation tests. Training completion tracking. Behavior monitoring for click rates. Continuous improvement of training content. Metrics for reduction in security incidents. Tailored training for high-risk groups.,Email & Communication,medium | |
| DAT026,Data catalog for institutional data assets.,Inventory of data assets across institution. Metadata management for discoverability. Data lineage tracking. Data quality indicators. Access request workflow. Integration with analytics tools.,Data Management,low | |
| DAT027,Data masking for non-production environments.,Automated data masking for sensitive fields. Referential integrity preservation. Format-preserving encryption options. Performance testing with masked data. Compliance with data protection regulations. Regular validation of masking effectiveness.,Data Management,medium | |
| DAT028,Blockchain for academic credential verification.,Pilot program for digital diplomas. Integration with student information system. Verification portal for employers. Standards compliance (W3C Verifiable Credentials). User control of credential sharing. Long-term preservation considerations.,Data Management,low | |
| DAT029,Data lake architecture for research analytics.,Centralized repository for structured and unstructured data. Schema-on-read flexibility. Integration with research data sources. Analytics tools and visualization. Data governance framework. Scalable storage and compute.,Data Management,medium | |
| DAT030,Data ethics framework for research projects.,Ethics review for data collection and use. Informed consent processes. Data minimization principles. Bias detection and mitigation. Transparency in data practices. Ongoing ethics oversight.,Data Management,high | |
| SYS026,Infrastructure as code for cloud provisioning.,Terraform or CloudFormation templates. Version control for infrastructure code. Automated testing of infrastructure changes. Consistent environments across stages. Cost optimization through code. Security scanning of infrastructure code.,System Administration,medium | |
| SYS027,Service mesh implementation for microservices.,Istio or Linkerd for service-to-service communication. Traffic management and load balancing. Security policies between services. Observability and monitoring. Canary deployments. Performance optimization.,System Administration,medium | |
| SYS028,GitOps for continuous deployment.,Git as single source of truth for infrastructure and apps. Automated synchronization to target environments. Pull request workflow for changes. Rollback through git revert. Compliance through git history. Integration with CI/CD pipeline.,System Administration,medium | |
| SYS029,Observability platform implementation.,"Metrics, logs, and traces in unified platform. Real-time monitoring and alerting. Historical analysis and trending. Correlation across telemetry sources. AIOps for anomaly detection. Cost optimization for observability data.",System Administration,medium | |
| SYS030,Chaos engineering for system resilience.,Controlled experiments to test system resilience. Failure injection in pre-production. Measurement of system behavior under stress. Learning and improvement from experiments. Gradual expansion to production. Integration with incident response.,System Administration,medium | |
| CLS026,Immersive technology (VR/AR) in classrooms.,Dedicated VR/AR lab available. Curriculum integration support. Equipment checkout for classes. Technical support for setup. Content development resources. Assessment of learning outcomes.,Classroom/Lab Support,low | |
| CLS027,Learning analytics integration with LMS.,Data extraction from learning management system. Analytics dashboard for instructors. Early alert system for at-risk students. Privacy-preserving analytics. Training on data interpretation. Continuous improvement based on insights.,Classroom/Lab Support,medium | |
| CLS028,Digital proctoring solution implementation.,Multiple proctoring options available. Faculty training on effective use. Student orientation on requirements. Accessibility accommodations. Privacy and data protection. Technical support during exams.,Classroom/Lab Support,high | |
| CLS029,Classroom response system integration with gradebook.,Automatic grade synchronization. Attendance tracking. Participation scoring. Data export for analysis. Privacy controls for student data. Training on effective use for assessment.,Classroom/Lab Support,medium | |
| CLS030,Accessible course material creation tools.,Templates for accessible documents. Automated accessibility checking. Alternative format creation. Captioning and transcription services. Training on accessible design. Regular audits of course materials.,Classroom/Lab Support,medium | |
| GEN026,IT sustainability and carbon footprint reduction.,Energy-efficient hardware procurement. Data center cooling optimization. Server virtualization for consolidation. Cloud migration for efficiency. Equipment lifecycle extension. Renewable energy sourcing.,General IT Support,low | |
| GEN027,Digital transformation strategy for administrative processes.,Process analysis and optimization. Technology selection for digitization. Change management for adoption. Metrics for transformation success. Continuous improvement cycle. Stakeholder engagement throughout.,General IT Support,low | |
| GEN028,IT talent development and retention strategies.,Career path development. Training and certification programs. Mentoring and coaching. Competitive compensation. Flexible work arrangements. Recognition and rewards.,General IT Support,low | |
| GEN029,IT risk management framework.,Risk identification and assessment. Risk treatment strategies. Risk monitoring and reporting. Integration with enterprise risk management. Regular risk reviews. Risk-aware decision making.,General IT Support,medium | |
| GEN030,Business continuity and disaster recovery testing.,Regular tabletop exercises. Full-scale disaster recovery tests. Lessons learned and improvement plans. Coordination with business units. Documentation updates based on tests. Compliance with regulatory requirements.,General IT Support,high | |
| NET031,Software-defined networking (SDN) implementation.,Centralized network management and automation. Dynamic traffic engineering. Network virtualization. Integration with cloud environments. Security policy automation. Skills development for network team.,Network & Connectivity,medium | |
| SEC031,Extended detection and response (XDR) platform.,Cross-domain threat detection. Automated investigation and response. Threat intelligence integration. Hunting capabilities. Compliance reporting. Integration with existing security tools.,Security & Compliance,high | |
| ACC031,Passwordless authentication implementation.,FIDO2 security keys. Windows Hello for Business. Mobile authenticator apps. Biometric authentication. Phishing resistance benefits. User education and rollout plan.,Account & Access,medium | |
| SOF031,Low-code/no-code platform governance.,Approved platforms list. Development standards and best practices. Security review process. Data governance integration. Training and support. Monitoring and audit of applications.,Software & Applications,medium | |
| HRD031,Internet of Things (IoT) device management.,IoT device registration and inventory. Network segmentation for IoT. Security baseline for IoT devices. Monitoring for anomalous behavior. Firmware update management. End-of-life planning.,Hardware & Equipment,high | |
| EML031,Email data classification and labeling.,Automatic classification based on content. Manual labeling options. Protection actions based on classification. User training on proper labeling. Compliance reporting. Integration with DLP.,Email & Communication,medium | |
| DAT031,Data fabric architecture implementation.,Unified data management across environments. Metadata-driven data integration. Self-service data access. Data quality and governance. AI/ML integration. Hybrid and multi-cloud support.,Data Management,medium | |
| SYS031,Edge computing infrastructure for research.,Low-latency processing near data sources. Integration with central cloud. Security for distributed edge nodes. Management and monitoring. Use cases identification. Cost-benefit analysis.,System Administration,medium | |
| CLS031,Adaptive learning platform integration.,Personalized learning paths. Integration with existing LMS. Content development support. Analytics on learning effectiveness. Faculty training. Student orientation.,Classroom/Lab Support,medium | |
| GEN031,IT service management (ITSM) maturity assessment.,Current state assessment against best practices. Gap analysis and improvement roadmap. Process optimization. Technology tool evaluation. Metrics for maturity progression. Regular reassessment.,General IT Support,low | |
| NET001,I cannot connect to the campus WiFi. What should I do?,"First, ensure you're selecting the correct network 'Eduroam' or 'Campus-Secure'. Forget the network and reconnect with your university credentials. If issues persist, check if other devices can connect. Restart your device's WiFi adapter. Contact IT if problem continues after 15 minutes.",Network & Connectivity,high | |
| SEC001,I received a phishing email asking for my password. What should I do?,Do NOT click any links or provide any information. Forward the email to security@institution.edu and then delete it. Report any suspicious emails immediately. IT will investigate and send alerts if it's a widespread phishing attempt.,Security & Compliance,critical | |
| ACC001,I forgot my network password. How can I reset it?,"Go to password.institution.edu and follow the self-service password reset process. You'll need to verify your identity using your secondary email or phone number. If you cannot reset online, visit the IT help desk with your ID card.",Account & Access,medium | |
| SOF001,Microsoft Office won't activate on my university computer.,"Open any Office application > File > Account > Sign in with your university email. Ensure you're connected to the internet. If activation fails, run the Office Repair tool. For persistent issues, contact IT for license verification.",Software & Applications,medium | |
| HRD001,My work laptop won't turn on. The power light isn't showing.,"1. Try a different power outlet. 2. Check if the charging cable is properly connected. 3. Remove the battery (if removable) and try powering with just the AC adapter. 4. Press and hold power button for 30 seconds. If no response, bring to IT hardware support.",Hardware & Equipment,high | |
| EML001,I can't send emails from my university account.,"Check if you can receive emails first. Verify your outbox isn't full. Ensure you're within email sending limits (500 recipients per day). If using a client like Outlook, check SMTP settings. For webmail, try clearing cache. Contact IT if issue persists.",Email & Communication,medium | |
| DAT001,How do I access network drives from off-campus?,"Use the institution's VPN client to connect first. Once connected, you can access network drives via \\fileserver.institution.edu\ or map the drive. Alternatively, use the web file access portal at files.institution.edu with your credentials.",Data Management,low | |
| SYS001,System updates are required but failing to install.,"1. Ensure you have administrative rights. 2. Check disk space (minimum 10GB free). 3. Run Windows Update Troubleshooter. 4. Temporarily disable antivirus. 5. Manually download updates from Microsoft Catalog. If still failing, IT may need to push updates via management software.",System Administration,medium | |
| CLS001,The classroom projector isn't displaying my laptop.,"1. Ensure projector is powered on. 2. Check cable connections. 3. Press Windows+P (or Mac equivalent) to extend/duplicate display. 4. Try a different input source on projector. 5. Test with another laptop. If issue persists, contact classroom support immediately.",Classroom/Lab Support,high | |
| GEN001,What are IT help desk hours and locations?,"Main IT Help Desk: Mon-Fri 8am-8pm, Sat 10am-4pm. Library Location: Mon-Thu 9am-9pm, Fri 9am-6pm. After-hours emergency line available for critical issues. Remote support available via TeamViewer during business hours.",General IT Support,low | |
| NET002,Why is my internet connection so slow in my office?,1. Run a speed test at speedtest.institution.edu. 2. Check if large downloads/uploads are running. 3. Test with wired connection if possible. 4. Reboot your network switch. 5. Check for network congestion during peak hours. Report consistently slow speeds to IT with test results.,Network & Connectivity,medium | |
| SEC002,Do I need antivirus software on my university computer?,"Yes, all university-owned computers must have the institution-approved antivirus (CrowdStrike/McAfee Enterprise) installed and updated. Personal devices connecting to campus network should also have updated antivirus. Free antivirus is available for students through the software portal.",Security & Compliance,medium | |
| ACC002,How do I request access to specialized research software?,"Submit a software request form via IT portal. Include: software name, version, license requirements, intended use, and department approval. Allow 5-10 business days for evaluation. Some software requires specialized hardware or virtual machine deployment.",Account & Access,low | |
| SOF002,Zoom isn't launching on my computer.,1. Check if Zoom is blocked by firewall/antivirus. 2. Clear Zoom cache: %appdata%\Zoom. 3. Update to latest version. 4. Try web version at institution.zoom.us. 5. Reinstall Zoom using institution's software center. Ensure you have camera/microphone permissions enabled.,Software & Applications,medium | |
| HRD002,My monitor screen is flickering intermittently.,"1. Check cable connections at both ends. 2. Try a different cable. 3. Test monitor with another computer. 4. Update graphics drivers. 5. Adjust refresh rate in display settings. If hardware issue is suspected, submit hardware replacement request.",Hardware & Equipment,medium | |
| EML002,How do I set up email forwarding from my university account?,Login to webmail > Settings > Forwarding. Enter destination email. Choose to keep copy in inbox or not. Note: Official communications must be received in university account. Forwarding sensitive data may violate security policies. Consult IT before forwarding work-related emails.,Email & Communication,low | |
| DAT002,I accidentally deleted an important file. Can it be recovered?,"Check Recycle Bin/Trash first. For network drives: Right-click folder > Properties > Previous Versions. Files are backed up nightly. Submit data recovery request within 30 days of deletion. Provide file path, name, and deletion date. Recovery not guaranteed for local drives.",Data Management,high | |
| SYS002,My computer is displaying blue screen errors frequently.,1. Note error code displayed. 2. Boot in safe mode. 3. Run system diagnostics. 4. Check for driver updates. 5. Test RAM with Windows Memory Diagnostic. 6. Check system logs. May indicate hardware failure. Contact IT immediately with error codes for further diagnosis.,System Administration,high | |
| CLS002,How do I reserve and set up video conferencing in a classroom?,1. Reserve room through scheduling system. 2. Request 'Video Conference Setup' add-on. 3. Arrive 15 minutes early for setup. 4. Test connection using classroom control panel. 5. Technical support available during first 10 minutes of class. Training sessions offered monthly.,Classroom/Lab Support,low | |
| GEN002,What's the policy for personal device usage on university network?,Personal devices allowed but must: 1. Have updated OS/antivirus. 2. Register via device portal. 3. Not interfere with university systems. 4. Comply with acceptable use policy. Bandwidth limits apply. University not responsible for personal device security. Some networks restricted to university devices only.,General IT Support,low | |
| NET003,VPN connection drops every few minutes.,1. Update VPN client to latest version. 2. Switch connection protocol (UDP/TCP). 3. Disable IPv6 on network adapter. 4. Check firewall settings. 5. Try different network (if possible). Collect VPN logs during disconnection for IT analysis. Consider using wired connection for stability.,Network & Connectivity,high | |
| NET004,How do I connect to the eduroam WiFi network?,"Select 'eduroam' network > Enter username as your-email@institution.edu and your institutional password. On first connection, accept the security certificate. If using mobile device, download eduroam CAT app for automatic configuration. Ensure device supports WPA2-Enterprise security.",Network & Connectivity,medium | |
| NET005,Network printer is not responding to print jobs.,1. Check if printer is online and has paper/toner. 2. Clear printer queue on your computer. 3. Reinstall printer driver from institution's print server. 4. Check IP address hasn't changed. 5. Try printing a test page directly from printer. Contact IT if printer shows offline status for more than 30 minutes.,Network & Connectivity,medium | |
| NET006,Can't access certain websites from campus network.,"Some sites may be blocked by content filter. Check if site is accessible via VPN. If research-related, request exception via IT portal with justification. Ensure you're not using personal VPN which might conflict. Some sites block institutional IP ranges - contact site administrator if academic resource.",Network & Connectivity,low | |
| NET007,How to set up a network scanner for department use?,"Submit network device registration form. Provide: device MAC address, location, purpose, and administrator contact. IT will assign static IP and configure firewall rules. Scanning typically uses SMB or FTP protocols. Training required for device administrators. Allow 3-5 business days for setup.",Network & Connectivity,low | |
| NET008,WiFi keeps disconnecting in specific building areas.,"Report location-specific issues with building name, floor, room number, and time of occurrence. Use WiFi analyzer app to check signal strength. May be dead zone requiring additional access point. Temporary solution: Use wired connection if available. IT monitors coverage and plans upgrades annually.",Network & Connectivity,medium | |
| NET009,How to access research database from home?,"Connect via institution VPN or use proxy server. For web resources, use library's EZproxy by adding libproxy.institution.edu to URL. Some databases require individual accounts - check with library. Always access through institution portal to get licensed content. Save articles to institutional cloud storage.",Network & Connectivity,low | |
| NET010,Port is blocked on office network.,"Submit firewall exception request with: port number, protocol (TCP/UDP), source/destination IPs, business justification, and security review. Standard ports (80, 443, 22) generally open. Non-standard ports require security assessment. Allow 5-10 business days for review and implementation.",Network & Connectivity,medium | |
| NET011,Network drive mapping fails with permission error.,1. Verify you have correct permissions for that share. 2. Clear credential manager entries. 3. Map using FQDN: \\fileserver.institution.edu\sharename. 4. Ensure you're on domain network. 5. Check if drive letter conflicts. Request share access via IT portal if needed. Group membership changes may take 15 minutes to propagate.,Network & Connectivity,medium | |
| NET012,Cannot connect to campus VPN from overseas.,Some countries block VPN protocols. Try different protocol (IKEv2 vs SSL). Use institution's global accelerator if available. Consider using virtual desktop instead. Contact IT for region-specific configuration. Emergency access available via web-based remote desktop gateway.,Network & Connectivity,high | |
| NET013,Internet outage in entire department building.,"Check IT status page for outage notifications. Report via emergency line if not already listed. Unplug and replug network equipment after 30 seconds. Critical systems have backup connections. Outage response time: 1 hour for emergency, 4 hours standard. Updates provided every 30 minutes during major incidents.",Network & Connectivity,critical | |
| NET014,How to register a new device on the network?,"Access device registration portal, enter device MAC address, description, owner information. Personal devices limited to 5 per user. Gaming consoles/IoT devices on separate network. Registration valid for 365 days. Enterprise devices auto-registered via Active Directory.",Network & Connectivity,low | |
| NET015,DNS resolution failing on campus network.,"1. Flush DNS cache (ipconfig /flushdns). 2. Use institution DNS servers (10.0.0.1, 10.0.0.2). 3. Check network adapter settings. 4. Try Google DNS (8.8.8.8) temporarily. 5. Report persistent issues to IT. DNS outages affect multiple services simultaneously.",Network & Connectivity,high | |
| SEC003,How to enable two-factor authentication for my account?,"Go to security.institution.edu > Enable 2FA. Choose method: Authenticator app (recommended), SMS, or hardware token. Download Microsoft/Google Authenticator. Scan QR code. Save backup codes securely. 2FA required for all administrative accounts, optional for others but highly recommended.",Security & Compliance,medium | |
| SEC004,My computer is infected with ransomware.,"IMMEDIATELY disconnect from network (unplug Ethernet, disable WiFi). Do NOT pay ransom. Contact IT Security emergency line. Provide detection details. Isolate device physically. IT will contain, investigate, and restore from backups. Report to authorities if sensitive data involved.",Security & Compliance,critical | |
| SEC005,How to securely transfer large research data files?,"Use institution's secure transfer service (globus.org or similar). For sensitive data, use encrypted transfer with PGP. Never use personal cloud storage. Internal transfers use network drives. External transfers require encryption and recipient verification. Consult research computing for datasets >100GB.",Security & Compliance,medium | |
| SEC006,Lost university laptop - what should I do?,1. Immediately report to campus police and IT Security. 2. Change all passwords. 3. Enable remote wipe if configured. 4. File incident report. 5. Check location tracking if enabled. University may cover replacement depending on circumstances. Always use full disk encryption on mobile devices.,Security & Compliance,critical | |
| SEC007,How often should I change my password?,"Institutional policy: Every 90 days for standard accounts, 60 days for privileged accounts. Use passphrases (3+ random words) instead of passwords. Don't reuse passwords across systems. Enable password manager for secure storage. Password changes required after security incidents.",Security & Compliance,low | |
| SEC008,Need to store sensitive student data securely.,"Use approved encrypted storage: network drive with encryption, secure research environment, or encrypted database. Never store on local drives or personal devices. Data classification required: public, internal, confidential, restricted. Restricted data requires additional controls and training.",Security & Compliance,high | |
| SEC009,Received security alert about suspicious login attempt.,Change password immediately if you didn't initiate login. Review recent activity in account security page. Enable 2FA if not already active. Check connected devices and revoke unfamiliar ones. Report to IT Security with alert details. Monitor account for unusual activity.,Security & Compliance,high | |
| SEC010,How to securely dispose of old university computers?,Schedule pickup through IT asset management. Do NOT dispose in regular trash. Data destruction required: physical destruction or certified wiping. Complete asset disposal form. Return to IT with all peripherals. Personal data removal is user responsibility before hand-in.,Security & Compliance,low | |
| SEC011,Website is flagging our institution as dangerous.,This may be due to compromised website on our domain. Contact webmaster and IT Security immediately. Check for malware on web server. Request review from Google Safe Browsing. Update security certificates. Temporary solution: Request removal via webmaster console with verification.,Security & Compliance,critical | |
| SEC012,How to report a security vulnerability?,"Use responsible disclosure: email security@institution.edu with details. Do NOT publicly disclose. Include: vulnerability description, steps to reproduce, potential impact. Security team responds within 48 hours. Bug bounty program available for certain systems. Legal protection for good faith reports.",Security & Compliance,medium | |
| SEC013,Need to share data with external collaborators securely.,"Use institution's collaboration platform with external sharing enabled. Set appropriate permissions (view/edit). Time-limited sharing links recommended. For highly sensitive data, use secure research environment. Data sharing agreements may be required. Consult data governance office first.",Security & Compliance,medium | |
| SEC014,Antivirus detected threat but can't remove it.,"1. Run full system scan in safe mode. 2. Use malware removal tools (Malwarebytes, ADWCleaner). 3. Check quarantine for false positives. 4. Submit sample to IT Security for analysis. 5. Consider system restore if recent infection. Persistent malware may require reimaging.",Security & Compliance,high | |
| SEC015,How to encrypt USB drives for university use?,Use BitLocker (Windows) or FileVault (Mac) for encryption. Institutional encryption software available for download. Password must meet complexity requirements. Recovery key stored in institutional key management. Unencrypted USB drives prohibited for sensitive data. Label encrypted drives clearly.,Security & Compliance,medium | |
| ACC003,New employee needs computer and account setup.,"Submit new hire request form 5 business days before start date. Include: name, employee ID, department, position, required software/hardware. Accounts created automatically from HR data. Equipment ready on first day. Orientation includes IT onboarding session.",Account & Access,medium | |
| ACC004,Can't login to learning management system.,Ensure you're using correct credentials (same as email). Clear browser cache and cookies. Try incognito mode. Check if account is locked (3 failed attempts). Password may have expired. Contact help desk with error message. System maintenance every Sunday 2-4am may cause temporary unavailability.,Account & Access,medium | |
| ACC005,Need access to departmental shared folder.,"Request access via IT portal or department administrator. Specify folder path and required permissions (read, write, modify). Include business justification. Access granted based on role. Changes effective within 1 hour. Training available for collaborative tools.",Account & Access,low | |
| ACC006,Account locked due to multiple failed login attempts.,"Wait 15 minutes for automatic unlock. Use self-service unlock at unlock.institution.edu. Visit help desk with ID for immediate unlock. After 3 lockouts in 24 hours, password reset required. May indicate brute force attack - report suspicious activity.",Account & Access,medium | |
| ACC007,How to request a service account for automated processes?,"Submit service account request with: application name, purpose, owner, required permissions. Password never expires but requires quarterly review. Document usage and security controls. Monitoring required for high-privilege accounts. Allow 3 business days for setup.",Account & Access,low | |
| ACC008,Former employee still has access to systems.,Immediately report to HR and IT. Access should be automatically revoked upon termination. Manual review of all systems may be needed. Check for shared credentials. Audit trail available for 90 days. Emergency termination process available after hours.,Account & Access,critical | |
| ACC009,Need to access systems after graduation/retirement.,Alumni retain email for 1 year. Research data access requires special approval. Library resources available on-campus. Departmental access ends on separation date. Request extensions before leaving. Export personal data before account deactivation.,Account & Access,low | |
| ACC010,Can't access administrative systems from off-campus.,Administrative systems require VPN connection. Additional security layer may require MFA. Some systems restricted to campus IP ranges. Check if system undergoing maintenance. Whitelist home IP address if needed (requires approval). Use virtual desktop for full access.,Account & Access,medium | |
| ACC011,How to delegate email/calendar access to assistant?,"In Outlook: File > Account Settings > Delegate Access. Add delegate with appropriate permissions (reviewer, editor, author). Training recommended for delegates. Document delegation for audit purposes. Review delegations quarterly.",Account & Access,low | |
| ACC012,Requesting elevated privileges for software installation.,"Submit admin rights request with justification, software list, and duration. Temporary admin rights granted for 24 hours. Permanent rights require security training and approval. Software should be from approved sources. Alternative: Use software center for installation.",Account & Access,medium | |
| ACC013,Single sign-on not working for some applications.,Clear browser cache and restart. Try different browser. Check if application requires separate authentication. SSO downtime announced on status page. Some legacy systems not integrated. Contact application owner for system-specific issues.,Account & Access,medium | |
| ACC014,How to merge duplicate accounts?,Contact help desk with both account names. Provide identifying information. Merging preserves data from primary account. Email aliases may be created. Process takes 2-3 business days. Data reconciliation may be required.,Account & Access,low | |
| ACC015,Need guest account for visiting researcher.,"Sponsoring faculty submits guest account request. Include: name, affiliation, duration, required access. Accounts expire automatically. Limited to basic services. Visitor agreement may be required. Review after 90 days.",Account & Access,low | |
| SOF003,MATLAB is running slowly on my computer.,1. Check if using network license vs local. 2. Clear MATLAB cache. 3. Increase Java heap memory in preferences. 4. Use optimized code for large datasets. 5. Consider using MATLAB Online or research computing cluster for intensive tasks. GPU acceleration available on specific workstations.,Software & Applications,medium | |
| SOF004,Adobe Creative Cloud says license invalid.,Sign out and back in with university credentials. Check subscription status at admin console. Limited seats available - may need to free up license. Use web versions if desktop app fails. Contact IT for license pool management. Ensure you're on latest version.,Software & Applications,medium | |
| SOF005,Statistical software (SPSS/R) not working properly.,For SPSS: Check license server connection. For R: Update packages and check dependencies. Clear workspace and restart. Use institution's RStudio Server for better performance. Data size limitations apply to local installations. Consult research computing for large datasets.,Software & Applications,medium | |
| SOF006,Need specialized CAD software for engineering course.,Submit software request with course number and student count. Lab installations prioritized. Some CAD software requires specialized hardware. Virtual lab available for remote access. Student licenses may be limited to lab computers. Allow 2-3 weeks for deployment.,Software & Applications,low | |
| SOF007,Citation manager (EndNote/Zotero) not syncing with library.,Update citation manager to latest version. Check library connector installation. Clear cache and reauthenticate. Use institutional subscription for full features. Web version recommended for collaboration. Library workshops available for training.,Software & Applications,low | |
| SOF008,Video editing software rendering errors.,Check GPU drivers are updated. Ensure sufficient disk space for scratch files. Lower preview quality during editing. Use proxy files for 4K+ footage. Rendering farm available for faculty projects. Consider splitting project into sequences.,Software & Applications,medium | |
| SOF009,Database software (Oracle/SQL Server) connection issues.,Verify connection string parameters. Check if database server is online. Network permissions may be required. Use ODBC driver from institution repository. Development vs production databases have different access. Contact DBA for persistent connection problems.,Software & Applications,high | |
| SOF010,GIS software (ArcGIS/QGIS) crashing with large datasets.,Increase virtual memory allocation. Use file geodatabases instead of shapefiles. Simplify geometry for display purposes. Use layer visibility scaling. Consider using enterprise GIS server for large projects. Training available for optimization techniques.,Software & Applications,medium | |
| SOF011,Programming IDE not connecting to version control.,Check Git/SSH configuration in IDE. Verify SSH keys are loaded. Use HTTPS instead of SSH if behind proxy. Configure IDE to use system Git installation. Check network permissions for port 9418. Command line Git may work if IDE fails.,Software & Applications,medium | |
| SOF012,Virtual machine software not starting.,Enable virtualization in BIOS/UEFI. Check hypervisor requirements. Ensure sufficient RAM allocated. Some antivirus blocks VM execution. Use institution's virtualization platform for resource-intensive VMs. 64-bit guest OS requires 64-bit host.,Software & Applications,medium | |
| SOF013,Chemistry drawing software missing elements/features.,Update to latest version from software portal. Check license level (academic vs professional). Some features require additional modules. Use web-based alternatives for collaboration. Department may have site-specific configuration.,Software & Applications,low | |
| SOF014,Music notation software playback issues.,Check audio output device selection. Update MIDI soundfonts. Adjust buffer size in audio settings. Use ASIO drivers for low latency. External audio interface recommended for professional use. Contact music department for specialized support.,Software & Applications,low | |
| SOF015,Language learning software not recognizing microphone.,Check microphone permissions in OS settings. Test microphone in other applications. Use headset instead of built-in microphone. Update audio drivers. Some browsers restrict microphone access - use desktop app if available.,Software & Applications,low | |
| HRD003,Printer is constantly jamming.,"1. Turn off and unplug printer. 2. Remove all paper and check for obstructions. 3. Clean rollers with lint-free cloth. 4. Use recommended paper type and weight. 5. Check humidity - paper may be damp. 6. Replace worn rollers. If jams persist, request service visit.",Hardware & Equipment,medium | |
| HRD004,Laptop battery not holding charge.,"Check power settings and battery health report. Calibrate battery: fully charge, then discharge completely. Replace if health below 70%. University batteries replaced free within warranty, $75 fee after. Conserve battery by reducing brightness and closing unused apps.",Hardware & Equipment,medium | |
| HRD005,External hard drive not recognized.,1. Try different USB port/cable. 2. Check Disk Management for unallocated drive. 3. Test on another computer. 4. Update USB drivers. 5. Drive may need external power source. Data recovery available for failed drives - do NOT attempt DIY recovery.,Hardware & Equipment,medium | |
| HRD006,Desktop computer making loud grinding noise.,IMMEDIATELY power off to prevent further damage. Likely failing fan or hard drive. Do NOT attempt to use. Contact hardware support for diagnosis. Backup data if possible before repair. Emergency replacement available for critical workstations.,Hardware & Equipment,high | |
| HRD007,Keyboard keys sticking or not responding.,"Clean with compressed air turned upside down. For spills: immediately disconnect, clean with isopropyl alcohol. Check for debris under keys. External keyboard recommended while waiting for repair. Replacement keyboards available for checkout.",Hardware & Equipment,low | |
| HRD008,Monitor has dead pixels.,"If under warranty and exceeding manufacturer's dead pixel policy (usually 3-5), submit replacement request. Try pixel fixing software (rapid color changes). Monitor must be 3+ years old for standard replacement. Temporary loaner available during repair.",Hardware & Equipment,low | |
| HRD009,Docking station not charging laptop.,Check if docking station firmware is updated. Ensure using correct power adapter. Some laptops require specific docking models. Try direct connection to rule out dock issue. BIOS update may be needed for compatibility.,Hardware & Equipment,medium | |
| HRD010,Computer overheating and shutting down.,Clean dust from vents and fans. Ensure adequate ventilation (not on soft surface). Check CPU usage for runaway processes. Thermal paste may need replacement. Laptop cooling pad recommended. Critical temperatures may indicate hardware failure.,Hardware & Equipment,high | |
| HRD011,USB ports not working on computer.,Update chipset drivers. Check Device Manager for errors. Try different USB devices to isolate issue. BIOS settings may disable USB ports. Some ports may be power-only for charging. Hardware failure requires motherboard repair.,Hardware & Equipment,medium | |
| HRD012,Need to connect multiple monitors to desktop.,"Check graphics card capabilities (ports and maximum displays). Use correct adapters (DisplayPort, HDMI, DVI). Configure in display settings. Dock may support multiple monitors. Additional graphics card may be needed beyond 2 displays.",Hardware & Equipment,low | |
| HRD013,Computer beeps on startup and won't boot.,"Count beeps - pattern indicates specific error (memory, graphics, motherboard). Reseat RAM and expansion cards. Clear CMOS. Check power supply connections. Hardware diagnostic available from IT. May require component replacement.",Hardware & Equipment,high | |
| HRD014,Scanner not feeding documents properly.,Clean scanner glass and rollers. Use document feeder for multiple pages. Ensure documents are not wrinkled or stapled. Adjust paper guides. Update scanner drivers. Some scanners have weight/size limitations.,Hardware & Equipment,low | |
| HRD015,Webcam not working in video conferences.,Check privacy settings allow camera access. Test in Camera app first. Update drivers. Try different USB port. Some applications require specific camera resolution. External webcam available for checkout if built-in fails.,Hardware & Equipment,medium | |
| EML003,"Inbox is full, can't receive new emails.",Delete old emails or move to archive. Empty Deleted Items folder. Remove large attachments. Increase quota via request form (requires justification). Auto-archive settings available. Consider using online archive for older emails.,Email & Communication,medium | |
| EML004,How to recall a sent email?,In Outlook: Double-click sent message > Message > Actions > Recall This Message. Only works if recipient hasn't opened email and both using Exchange. Set to delete unread copies or replace with new message. Not guaranteed - consider sending correction instead.,Email & Communication,medium | |
| EML005,Setting up email on mobile device.,"Use Outlook mobile app recommended. Manual setup: IMAP server outlook.office365.com, SMTP smtp.office365.com. Requires Modern Authentication. Device enrollment may be required for security policies. Remote wipe capability enabled for lost devices.",Email & Communication,low | |
| EML006,Email search not finding recent messages.,Rebuild search index in Outlook. Check if searching correct folder. Update Outlook to latest version. Search filters may be limiting results. Use web version for more reliable search. Indexing may take time after large email imports.,Email & Communication,low | |
| EML007,How to create email distribution lists?,"Submit distribution list request with: list name, owner, members, purpose (internal/external). Dynamic lists based on attributes (all-students, faculty-by-department). Review membership annually. External lists require moderation approval.",Email & Communication,low | |
| EML008,Missing emails from specific sender.,Check Junk folder and safe sender list. Search server logs for delivery status. Sender may be blocked by spam filter. Rules may be moving messages. Contact sender to verify they're not receiving bouncebacks. Mail trace available for critical messages.,Email & Communication,medium | |
| EML009,Calendar invites not sending to external users.,External calendar sharing may be restricted. Use meeting links instead of direct invites. Check if external domain accepts calendar items. Some systems block .ics files. Alternative: Send email with details and manual calendar entry.,Email & Communication,low | |
| EML010,Email formatting issues when sending to certain recipients.,Use plain text for maximum compatibility. Avoid fancy fonts and HTML. Test with internal recipient first. Some email clients strip formatting. Attachments may be blocked by recipient's system. Consider PDF for formatted documents.,Email & Communication,low | |
| EML011,Automatic replies (out of office) not working.,Check start/end dates and times. External replies may be disabled. Test by sending to yourself. Rules may be interfering. Mobile device may have different settings. Consider manual reply for critical contacts.,Email & Communication,low | |
| EML012,Need to export email for legal/historical purposes.,Use eDiscovery tools for legal holds. PST export available for archival. Consult records management for retention policies. Chain of custody documentation required. Specialized tools for large-scale exports. Allow 5-10 business days for processing.,Email & Communication,medium | |
| EML013,Email client constantly asking for password.,Clear credential manager entries. Update client to latest version. Check if password expired. Modern authentication may require reconfiguration. Some security policies require frequent reauthentication. Consider using webmail temporarily.,Email & Communication,medium | |
| EML014,How to schedule emails to send later?,In Outlook: Write email > Options > Delay Delivery. Set specific send time. Message stays in Outbox until time. Works with Exchange online. Not available in some mobile clients. Consider time zone differences for recipients.,Email & Communication,low | |
| EML015,Blocking spam from specific sender/domain.,Add to Blocked Senders list in junk email settings. Report spam to IT for global blocking. Be cautious - legitimate senders may use shared services. Create rule to automatically delete. Some spam appears to come from legitimate addresses (spoofing).,Email & Communication,low | |
| DAT003,How much cloud storage do I get?,"Faculty/Staff: 1TB OneDrive, 100GB departmental share. Students: 500GB OneDrive. Research storage: Additional allocation available with justification. Retention: Data kept 1 year after separation. Backups: 30-day version history. Maximum file size: 100GB.",Data Management,low | |
| DAT004,Best way to share large files with colleagues?,"Use OneDrive/SharePoint for collaboration. Set permissions appropriately. Share link with specific people vs anyone. Set expiration dates for sensitive data. For external sharing, require authentication. Sync files for offline access.",Data Management,low | |
| DAT005,Database backup and recovery procedures.,"Production databases: Nightly full backup, hourly transaction logs. Retention: 30 days daily, 12 months monthly. Test restores performed quarterly. Emergency recovery: 4-hour RTO for critical systems. Contact DBA for specific recovery needs. Backup verification required.",Data Management,high | |
| DAT006,Research data storage for long-term preservation.,Use institutional repository for published data. Raw data storage on research computing cluster. Metadata standards required for preservation. Funding agency requirements may apply. Data management plan assistance available. Cost recovery for large storage needs.,Data Management,medium | |
| DAT007,File version history not showing recent changes.,Check if versioning is enabled for document library. Some file types don't support versioning. Manual check-in/out may be required. Version limit may be reached (default 500). Restore previous version if current corrupted. Version comments help track changes.,Data Management,medium | |
| DAT008,Synchronization conflicts between devices.,Check which version is most recent. Sync client may be paused or offline. Resolve conflicts manually - don't rely on auto-merge. Consider using web interface for critical edits. Limit simultaneous editors for sensitive documents. Training available for collaboration tools.,Data Management,medium | |
| DAT009,Data encryption requirements for sensitive information.,"All sensitive data must be encrypted at rest and in transit. Use BitLocker for Windows, FileVault for Mac. Encrypted containers for file-level protection. Email encryption for sensitive communications. Key management through institutional services. Annual security review required.",Data Management,high | |
| DAT010,Migrating data from old server to new system.,Submit migration request 30 days in advance. Provide data inventory and access requirements. Test migration with sample data first. Schedule downtime during low-usage periods. Verify data integrity post-migration. Archive old data according to retention policy.,Data Management,medium | |
| DAT011,File naming conventions and organization standards.,Use descriptive names with dates (YYYY-MM-DD). Avoid special characters. Include version numbers. Follow department-specific conventions. Metadata tagging recommended for searchability. Regular cleanup of temporary files.,Data Management,low | |
| DAT012,Data loss prevention policies and monitoring.,"DLP scans for sensitive data patterns (SSN, credit cards). Alerts generated for policy violations. Automatic blocking of high-risk transfers. Regular audits of data access. User education on data handling. Incident response for confirmed data loss.",Data Management,high | |
| DAT013,Collaborative editing of documents in real-time.,Use Office 365 online apps for real-time co-authoring. SharePoint/OneDrive for file storage. Comments and @mentions for collaboration. Version history tracks all changes. Mobile apps available for editing. Training workshops monthly.,Data Management,low | |
| DAT014,Backup schedule for departmental file shares.,"Incremental backups: Nightly at 2 AM. Full backups: Weekly Saturday at 10 PM. Retention: 30 days daily, 12 months monthly, 7 years yearly. Self-service restore available for 30 days. Emergency restores within 4 hours. Test restores performed quarterly.",Data Management,medium | |
| DAT015,Complying with data retention and destruction policies.,Data classified by type with specific retention periods. Secure destruction required after retention period. Use certified shredding for paper. Digital destruction: multiple overwrites or physical destruction. Documentation required for audit. Regular compliance training.,Data Management,medium | |
| SYS003,"Computer running extremely slow, high disk usage.",Check Task Manager for resource usage. Run malware scan. Clear temporary files. Disable startup programs. Check for failing hard drive (high disk time). Consider hardware upgrade if consistently slow. May need reimaging for performance restoration.,System Administration,high | |
| SYS004,Windows activation failing after hardware change.,Digital license tied to Microsoft account. Reactivate using activation troubleshooter. Enterprise KMS activation should auto-reactivate. May need to wait 24 hours for license server. Contact IT for volume licensing issues. Hardware changes may require reactivation.,System Administration,medium | |
| SYS005,Need to restore computer to factory settings.,Backup all data first. Use recovery partition or installation media. Institutional reimage available with standard software load. Personal software/licenses not restored. Process takes 2-4 hours. Return to IT for professional reimaging recommended.,System Administration,medium | |
| SYS006,Time and date constantly wrong on computer.,Sync with institutional time server (time.institution.edu). Check CMOS battery on desktop. Ensure time zone correct. Domain computers should auto-sync. BIOS update may be needed. Incorrect time affects authentication and logging.,System Administration,medium | |
| SYS007,User profiles corrupt - settings not saving.,Create new user profile and migrate data. Clear profile cache. Check disk space for profile creation. Roaming profiles may have sync issues. Temporary profile indicates corruption. Contact IT for profile repair tools.,System Administration,high | |
| SYS008,Group policy not applying correctly.,Run gpupdate /force. Check event logs for policy errors. Ensure computer/user in correct OU. Some policies require restart. Network connectivity during login affects policy application. Contact system administrators for policy issues.,System Administration,medium | |
| SYS009,Disk space running low on system drive.,"Run Disk Cleanup as administrator. Clear temporary files, recycle bin. Move data to network drives. Uninstall unused applications. Enable storage sense. Consider disk upgrade if consistently low. Critical: Keep 15% free for performance.",System Administration,high | |
| SYS010,Remote desktop connection failing.,Check if remote desktop enabled on target. Verify user has remote access permissions. Firewall may be blocking port 3389. Network level authentication may be required. Use institutional remote access gateway. VPN may be needed for external access.,System Administration,medium | |
| SYS011,System logs showing repeated errors.,"Check Event Viewer for error details. Search knowledge base for error codes. Some errors are benign. Monitor for performance impact. Critical errors (disk, memory) require immediate attention. Log collection tools available for analysis.",System Administration,medium | |
| SYS012,Windows features not installing.,Check if feature requires specific Windows edition. Some features need internet download. DISM tool can repair Windows feature store. Administrator rights required. May need to enable in group policy. Alternative software may be available.,System Administration,low | |
| SYS013,Multiple monitors arrangement resetting.,Save display arrangement in graphics control panel. Check if monitor IDs are changing. Update graphics drivers. Some docking stations don't preserve arrangement. Login scripts may reset displays. Consider using display management software.,System Administration,low | |
| SYS014,Print spooler service constantly stopping.,Clear print queue files. Update printer drivers. Check for corrupt print jobs. Restart print spooler service. Some security software interferes. May indicate malware infection. Consider printer migration to newer server.,System Administration,medium | |
| SYS015,Task scheduler tasks not running.,Check task history for errors. Ensure user account has proper permissions. Tasks may be disabled. Check triggers are set correctly. Some tasks require user to be logged in. Test with simple task first.,System Administration,low | |
| CLS003,Smartboard not responding to touch.,Calibrate using smartboard tools. Check USB connection to computer. Update smartboard drivers. Restart smartboard and computer. Some models require specific software versions. Contact classroom support for on-site calibration.,Classroom/Lab Support,high | |
| CLS004,Document camera not displaying image.,Ensure camera is powered on. Check USB connection. Select correct input on projector. Adjust focus and lighting. Some cameras require specific software. Try different USB port. Loaner cameras available.,Classroom/Lab Support,medium | |
| CLS005,Classroom audio system feedback/echo.,Lower microphone volume. Position speakers away from microphones. Use directional microphones. Check audio mixer settings. Some rooms have automatic feedback suppression. Contact audio-visual support for tuning.,Classroom/Lab Support,medium | |
| CLS006,Student computers in lab not booting.,Check power to entire lab. Network boot may be failing. Imaging server may be offline. Individual computers may need reimaging. Lab reservations may affect availability. Contact lab manager for immediate assistance.,Classroom/Lab Support,high | |
| CLS007,Lecture capture system not recording.,Check schedule for recording times. Ensure system is armed. Verify storage space available. Test with short recording first. Some rooms require manual start. Recordings process overnight - not immediately available.,Classroom/Lab Support,high | |
| CLS008,Clicker/audience response system issues.,Ensure receiver is connected and powered. Check software compatibility. Students may need to register devices. Some systems use mobile apps now. Test before class starts. Backup plan: Use alternative polling method.,Classroom/Lab Support,medium | |
| CLS009,Wireless presentation system not connecting.,Ensure both devices on same network. Some systems require direct WiFi connection. Update presentation software. Restart both computer and receiver. Cable connection backup recommended. Training available for wireless systems.,Classroom/Lab Support,medium | |
| CLS010,Lab software not available on all computers.,Software deployment may be in progress. Some licenses limit concurrent users. Virtual lab may have different software. Request additional installations via lab manager. Software may require specific hardware. Allow 2 weeks for new software deployment.,Classroom/Lab Support,medium | |
| CLS011,Classroom control panel not working.,Check power to control system. Reboot entire system (may take 5 minutes). Some functions may be locked out. Emergency override procedures available. Contact classroom support immediately. Backup controls usually available.,Classroom/Lab Support,high | |
| CLS012,Microphone battery dead during class.,Most classrooms have spare batteries in drawer. Some microphones recharge in dock. Check charging status before class. Lapel and handheld options available. Battery life typically 8-10 hours. Report consistently short battery life.,Classroom/Lab Support,medium | |
| CLS013,Video conferencing camera not tracking speaker.,"Ensure auto-tracking is enabled. Some systems track voice, others motion. Check camera presets. Manual control available during setup. May need recalibration. Fixed camera positions as backup.",Classroom/Lab Support,medium | |
| CLS014,Lab printer out of toner/paper.,Check supply room for replacements. Some labs have automatic notification. Student lab prints limited to 500 pages/semester. Color printing requires authorization. Report empty supplies to lab assistant. Recycling bins for misprints.,Classroom/Lab Support,low | |
| CLS015,Specialized lab equipment computer issues.,Do NOT attempt repairs on specialized equipment. Contact lab manager first. Some equipment requires specific OS versions. Data collection may be time-sensitive. Backup procedures for critical experiments. Service contracts for specialized equipment.,Classroom/Lab Support,high | |
| GEN003,IT procurement process for new equipment.,Submit procurement request with specifications and justification. IT reviews for compatibility and standards. Purchase through approved vendors. Asset tagging upon receipt. Setup and deployment included. Allow 2-3 weeks for standard purchases.,General IT Support,low | |
| GEN004,Disaster recovery procedures for department.,Departmental continuity plans required. Critical systems identified with recovery time objectives. Backup systems and alternate locations. Regular testing of recovery procedures. Emergency communication tree. Annual review and update of plans.,General IT Support,medium | |
| GEN005,IT training opportunities for staff.,Monthly workshops on various topics. Online training library available. Department-specific training on request. Certification reimbursement program. New employee orientation sessions. Training needs assessment available.,General IT Support,low | |
| GEN006,Software licensing compliance requirements.,Annual software audit required. Only approved software allowed. License tracking for all installations. Consequences for non-compliance. Open source alternatives encouraged. Volume licensing for cost savings.,General IT Support,medium | |
| GEN007,Accessibility requirements for digital content.,All digital content must meet WCAG 2.1 AA. Alternative formats available upon request. Captioning for all video content. Accessibility checker tools provided. Training on accessible document creation. Compliance reviews for websites.,General IT Support,medium | |
| GEN008,Green IT initiatives and energy saving.,Computer power management enabled. Double-sided printing default. Equipment recycling program. Virtualization to reduce hardware. Paperless processes encouraged. Energy star equipment purchasing.,General IT Support,low | |
| GEN009,Student worker IT positions and hiring.,Positions posted through career center. Technical skills assessment required. Work-study and regular positions. Training provided. Flexible hours around class schedule. Career development opportunities.,General IT Support,low | |
| GEN010,IT project management and request process.,"Submit project charter for review. Assessed for scope, resources, timeline. Project management office assistance. Regular status reporting. Change control procedures. Post-implementation review.",General IT Support,low | |
| GEN011,Technology fee allocation and usage.,Fee supports student computing resources. Allocation committee with student representation. Annual report on expenditures. Lab upgrades and software licensing. Wireless network improvements. Student technology grants available.,General IT Support,low | |
| GEN012,Classroom technology upgrade schedule.,5-year rotation for classroom technology. Prioritized by usage and age. Summer installation to minimize disruption. Faculty input on upgrades. Pilot programs for new technology. Feedback collected after upgrades.,General IT Support,low | |
| GEN013,IT service catalog and available services.,Online service catalog with descriptions. Service level agreements defined. Request forms for each service. Status tracking for requests. Service hours and response times. Customer satisfaction surveys.,General IT Support,low | |
| GEN014,Emergency notification system testing.,Monthly tests of email/SMS alerts. Annual full-scale test. Opt-out available for test messages. Update contact information annually. Multiple communication channels. Coordination with campus safety.,General IT Support,medium | |
| GEN015,Website content management system support.,Training required for CMS access. Templates for consistent branding. Accessibility compliance checking. Monthly security updates. Backup and version control. Designated webmasters per department.,General IT Support,low | |
| NET016,How to troubleshoot Ethernet connection issues?,1. Check cable is securely plugged in at both ends. 2. Try different Ethernet port on computer. 3. Test with different cable. 4. Check network adapter settings. 5. Update network drivers. 6. Try different network jack in room. 7. Contact IT if link light not showing.,Network & Connectivity,medium | |
| NET017,Setting up a network-attached storage (NAS) device.,Submit NAS registration form with device details. Must meet security standards. Static IP assignment available. Regular security patches required. Backup to institutional storage mandatory. Performance monitoring enabled.,Network & Connectivity,low | |
| NET018,VoIP phone not registering on network.,Check Ethernet connection to phone. Reboot phone. Verify VLAN configuration. Check power over Ethernet (PoE) switch. Update phone firmware. Contact telecom department for provisioning issues.,Network & Connectivity,medium | |
| NET019,Bandwidth monitoring and usage policies.,Fair use policy: 50GB daily limit per user. Traffic shaping during peak hours. No peer-to-peer file sharing. Research traffic prioritized. Usage dashboard available. Excessive use may trigger review.,Network & Connectivity,low | |
| NET020,IPv6 connectivity on campus network.,Dual-stack IPv4/IPv6 enabled campus-wide. Most services IPv6 capable. Some legacy systems IPv4 only. No NAT for IPv6 - direct addressing. Security policies apply equally. Testing available for application compatibility.,Network & Connectivity,low | |
| SEC016,Security awareness training requirements.,Annual training required for all employees. Monthly security tips emailed. Phishing simulation tests quarterly. Specialized training for privileged users. Compliance tracking and reporting. Consequences for non-completion.,Security & Compliance,medium | |
| SEC017,Incident response procedures for data breach.,1. Contain: Isolate affected systems. 2. Assess: Determine scope and impact. 3. Notify: Required disclosures per policy. 4. Eradicate: Remove threat. 5. Recover: Restore systems. 6. Review: Lessons learned. Legal and PR involvement as needed.,Security & Compliance,critical | |
| SEC018,Mobile device management requirements.,Enrollment required for university data access. Minimum OS versions enforced. Remote wipe capability. Encryption required. Jailbroken/rooted devices blocked. Compliance monitoring continuous.,Security & Compliance,medium | |
| SEC019,Cloud service security assessment process.,Vendor security review required before adoption. Data classification determines allowed services. Contract must include security clauses. Regular reassessment of approved services. User training on cloud security. Monitoring for shadow IT.,Security & Compliance,medium | |
| SEC020,Physical security for server rooms and data centers.,"Biometric access control. 24/7 monitoring and logging. Environmental controls (temperature, humidity). Fire suppression systems. Regular security audits. Visitor logs and escort requirements.",Security & Compliance,high | |
| ACC016,Account provisioning for contractors.,Sponsored by department with end date. Limited access based on role. Background check may be required. Regular review of active accounts. Automatic expiration. Different from employee accounts.,Account & Access,medium | |
| ACC017,Role-based access control implementation.,"Access based on job function, not individual. Standard role definitions available. Regular access reviews. Separation of duties enforced. Documentation of role permissions. Automated provisioning where possible.",Account & Access,low | |
| ACC018,Federated identity for external collaborations.,InCommon federation participation. SAML-based authentication. Attribute release policies. Research and education focus. International federations supported. Technical integration assistance available.,Account & Access,low | |
| ACC019,Password manager recommendations and policy.,Enterprise password manager provided. Required for privileged accounts. Master password complexity requirements. Emergency access procedures. Regular password rotation. Integration with single sign-on.,Account & Access,medium | |
| ACC020,Access review and certification process.,Quarterly review of privileged accounts. Semi-annual review of standard accounts. Managers certify employee access. Automated reminders and escalations. Exception documentation required. Audit trail maintained.,Account & Access,medium | |
| SOF016,Software asset management and inventory.,Automated discovery of installed software. License reconciliation quarterly. Compliance reporting. Unapproved software removal. Centralized software repository. Cost optimization through license pooling.,Software & Applications,low | |
| SOF017,Open source software usage policies.,Review required for enterprise use. License compatibility checking. Security assessment of open source components. Contribution policies for institutional developers. Preferred open source alternatives list. Regular updates and patching.,Software & Applications,low | |
| SOF018,Software development tools and environments.,GitLab Enterprise for version control. CI/CD pipeline available. Container registry. Development sandboxes. Code scanning tools. Collaboration with research computing.,Software & Applications,low | |
| SOF019,Legacy software support and migration.,Risk assessment for legacy systems. Virtualization for incompatible software. Source code escrow for critical applications. Gradual migration planning. End-of-life notifications 12 months in advance. Special support agreements possible.,Software & Applications,medium | |
| SOF020,Software testing and quality assurance resources.,Test environments mirroring production. Automated testing frameworks. Performance testing tools. User acceptance testing coordination. Security penetration testing. Documentation standards.,Software & Applications,low | |
| HRD016,Hardware lifecycle management.,4-year replacement cycle for computers. 5-year for servers. 3-year for mobile devices. End-of-life planning. Disposal and recycling procedures. Refresh funding models.,Hardware & Equipment,low | |
| HRD017,Equipment checkout and loaner program.,"Laptops, projectors, cameras available. 7-day loan period typical. Reservation system online. Late fees apply. Damage responsibility. Insurance recommended for expensive equipment.",Hardware & Equipment,low | |
| HRD018,Hardware standardization benefits.,Reduced support complexity. Volume purchasing discounts. Faster imaging and deployment. Known compatibility. Simplified inventory. Training efficiency.,Hardware & Equipment,low | |
| HRD019,Specialized research computing hardware.,High-performance computing cluster. GPU computing resources. Large memory nodes. Research storage arrays. Scientific instrument integration. Grant proposal assistance for hardware.,Hardware & Equipment,medium | |
| HRD020,Hardware warranty and repair services.,Next-business-day repair for critical systems. On-site technicians for enterprise devices. Loaners during extended repairs. Self-maintainer program for departments. Warranty tracking system. After-hours emergency repairs available.,Hardware & Equipment,medium | |
| EML016,Email retention and archiving policies.,7-year retention for business records. Litigation hold capabilities. Journaling for certain roles. Personal email not archived. Self-service search of archives. Export for legal purposes.,Email & Communication,low | |
| EML017,Email marketing and bulk sending guidelines.,Approval required for bulk emails. Opt-out mechanism required. Content review for appropriateness. Staggered sending for large lists. Testing with small sample first. Monitoring for bounce rates.,Email & Communication,low | |
| EML018,"Email authentication (SPF, DKIM, DMARC).","SPF, DKIM, DMARC implemented for institution domain. Monitoring for spoofing attempts. Quarantine for suspicious emails. Reporting to domain owners. Regular policy updates. Assistance for departmental subdomains.",Email & Communication,medium | |
| EML019,Collaboration tools beyond email.,Microsoft Teams for team collaboration. SharePoint for document management. Project management tools available. Video conferencing with recording. Instant messaging. Integration between tools.,Email & Communication,low | |
| EML020,Email migration between systems.,Phased migration approach. Pre-migration training. Data cleanup before migration. Coexistence period. Post-migration support. Archive migration separate from live mail.,Email & Communication,medium | |
| DAT016,Data classification schema and handling.,"4 levels: Public, Internal, Confidential, Restricted. Handling requirements for each level. Labeling standards. Access controls based on classification. Regular classification reviews. Training on data handling.",Data Management,medium | |
| DAT017,Research data management planning.,Data management plan assistance. Storage allocation for projects. Metadata standards. Preservation planning. Sharing and publication support. Compliance with funder requirements.,Data Management,medium | |
| DAT018,Business intelligence and reporting tools.,Data warehouse with institutional data. Self-service reporting tools. Dashboards for key metrics. Data extraction services. Training on data analysis. Governance for data quality.,Data Management,low | |
| DAT019,Database administration and optimization.,Performance monitoring and tuning. Index optimization. Query analysis. Capacity planning. High availability configurations. Backup and recovery strategies.,Data Management,medium | |
| DAT020,Data governance framework and committee.,"Data governance council with representatives. Policies for data quality, access, security. Data stewardship roles. Master data management. Compliance monitoring. Regular policy reviews.",Data Management,low | |
| SYS016,Server virtualization and cloud strategy.,"VMware-based private cloud. Public cloud integration (AWS, Azure). Hybrid cloud options. Cost optimization between environments. Disaster recovery to cloud. Container orchestration available.",System Administration,low | |
| SYS017,Operating system standardization.,Windows 10/11 Enterprise standard. macOS latest supported version. Linux for specific use cases. Regular patching schedule. Security baselines applied. Limited support for non-standard OS.,System Administration,low | |
| SYS018,Monitoring and alerting systems.,24/7 monitoring of critical systems. Alert escalation procedures. Performance baselines. Capacity trending. Root cause analysis tools. Dashboard for system status.,System Administration,medium | |
| SYS019,Change management processes.,"Change advisory board review. Standard, normal, emergency changes. Testing requirements. Backout plans. Documentation requirements. Post-implementation review.",System Administration,medium | |
| SYS020,Capacity planning and performance management.,Regular capacity assessments. Growth trending. Performance benchmarking. Right-sizing recommendations. Budget planning for capacity. Technology refresh planning.,System Administration,low | |
| CLS016,Classroom technology training for faculty.,Monthly workshops on classroom tech. One-on-one training sessions. Online tutorials and guides. New faculty orientation. Just-in-time training before semester. Advanced techniques for experienced users.,Classroom/Lab Support,low | |
| CLS017,Accessible technology in classrooms.,Assistive listening systems. Screen reader compatibility. Captioning services. Accessible furniture arrangements. Training on inclusive teaching tech. Regular accessibility audits.,Classroom/Lab Support,medium | |
| CLS018,Hybrid classroom technology setup.,Dual cameras for instructor and students. Microphones for room and remote participants. Screen sharing for both audiences. Chat moderation tools. Recording capabilities. Technical producer available for important events.,Classroom/Lab Support,medium | |
| CLS019,Lab software deployment and management.,Standard software image with department additions. Application virtualization for conflicting software. License server management. Usage monitoring. Student data management between sessions. Regular updates during breaks.,Classroom/Lab Support,medium | |
| CLS020,Classroom technology support staffing.,Dedicated classroom support team. Extended hours during semester. Rapid response for classroom emergencies. Preventive maintenance schedule. Student worker program. Faculty liaisons for each department.,Classroom/Lab Support,low | |
| GEN016,IT governance and decision-making structure.,IT steering committee with campus representation. Technology advisory groups. Prioritization process for projects. Budget approval process. Policy development and review. Communication of decisions.,General IT Support,low | |
| GEN017,Service level agreements and metrics.,Defined response and resolution times. Availability targets for critical systems. Customer satisfaction targets. Regular service reviews. Performance reporting. Continuous improvement initiatives.,General IT Support,low | |
| GEN018,IT financial management and charging models.,Central funding for core services. Chargeback for specialized services. Transparent cost allocation. Budget planning cycle. Cost optimization initiatives. Financial reporting to stakeholders.,General IT Support,low | |
| GEN019,Vendor management and contract review.,Standard contract terms for IT purchases. Vendor performance evaluation. License compliance management. Relationship management for key vendors. Regular vendor reviews. Negotiation support for departments.,General IT Support,low | |
| GEN020,IT organizational structure and contacts.,Service-based organizational structure. Escalation paths defined. Departmental liaisons. Leadership team contacts. After-hours emergency contacts. Organizational chart available online.,General IT Support,low | |