IT General Risk Assessment
A risk is a threat and its potential to affect institutional finances, reputation, security, and compliance. A risk assessment is a process that identifies potential risks and the appropriate mitigations based on impact. IT Security conducts two types of risk assessments: General Risk Assessments and IT Vendor Assessments.
A General Risk Assessment is the identification and review of risks associated with internal processes and procedures. It can be broadly applied and will help narrow next steps for increasing security and lowering risk. Examples of scenarios when this service may be needed are assessing risk associated with the collection and storage of student information, application development and website security, or reviewing information systems that support sensitive research. It is available to all university faculty and staff.
Service Charges or Fees
There are currently no service charges or fees for this service.
What You Can Request
General Risk Assessment
Data Use Agreements (DUA)
Multi-factor Authentication (MFA)
Privileged Account Management (PAM)
Threat Monitoring, Detection, and Response (TMDR)
IT Security Policy Development and Lifecycle
Vulnerability and Systems Posture Assessment (VASPA)
IT Compliance Assessment
IT Security Awareness and Training
IT Security Consulting
IT Vendor Assessment
Security Policy and Compliance