Information Security Concept

According to the requirements of the "VwV Informationssicherheit" of the state of Baden-Württemberg, the kiz (as well as the university as a whole) has the task of establishing an Information Security Management System (ISMS) in order to guarantee basic IT protection according to the recommendations of the BSI for its central and mission-critical systems. The ISMS at the kiz is part of the service management based on the ITIL process model. The kiz has appointed two Information Security Officers (ISO) to implement the security concept, to comply with security guidelines and to organize and design the underlying security processes in its services and internal operational processes.

Due to the size and decentralised structure of the university, the IT managers of the various departments (e.g. in institutes, faculties, other operating facilities) are also obliged to take appropriate protection and awareness measures for the IT systems they operate and how to deal with them. The University has appointed a Chief Information Security Officer (CISO) as the main contact for all issues relating to information security. He is responsible for the strategic orientation of information security, controls and coordinates the information security process, among other things, and is responsible for implementing the central protection goals. The CISO also coordinates the preparation of an information security concept and other sub-concepts and guidelines.

The kiz and the CISO work closely together. The kiz explicitly provides the university with a number of services relating to IT security and provides a collection of best practice guides and instructions for security-conscious handling of IT applications. However, the content is oriented towards the use of the service portfolio of the kiz. The CISO is responsible for the recommendations, specifications, guidelines and questions on information security in the general context.

As a first step towards institutional anchoring, the Presidential Board of the University of Ulm has adopted a guideline on information security (PDF), which came into force on October 6, 2020. This guideline defines the goals, principles and organization for the information security process (see diagram). The guideline is the basis for the information security concept of the university and the derivation of concrete security guidelines.

Organization of the information security process at Ulm University


Information Security at kiz

Guido A. Hölting & Florian P. Böck
Information Security Officers (ISO)
Phone: +49 (0) 731 / 50 - 30300
Email: kiz(at)

Information Security at University

Rafael Roschinski
Chief Information Security Officer (CISO)
Phone: +49 (0) 731 / 50 - 25183
Email: ciso(at)

Communication and Information Centre (kiz)

Please contact us if you have questions or problems related to the kiz services:

Office hours
Monday - Thursday
09:00 h - 12:00 h and 13:00 h - 15:30 h

Friday 09:00 h - 12:00 h

+49 (0) 731 / 50 - 30000

+49 (0) 731 / 50 - 1230000

Order a Callback
Support Portal (Uni internal)

Service Points are locations where you can visit us personally.


Using self-service functions of the Identity Management System (IDM): Administer permissions, subscribe to services, change passwords.

IDM Self Services

Research in the library stock: monographs, textbooks, magazines, university publications, e-books, e-journals, national licenses, and the contents of the institutional repository OPARU.

library catalogue::local

With about 400 keywords you will get direct access to our services. If something isn't listed, please contact our Internet Editorial Office.

A-Z List