This is a round table discussion on the policies and procedures that need to be in place to meet the requirements of Risk Assessments and Auditors regarding data security. As a basis for discussion by all attendees, Leon County Schools will outline recommendations of their Risk Assessment and questions asked in the recent Auditor IT Self-Assessment in regards to how we secure our data. We will discuss issues like: Do you have a data security agreement in place for software vendors? Do you have a Computer Security Incident Response Team in place? How are you handling the storage of FERPA or confidential data on mobile memory such as memory keys?