Risk Assessment

Information Security Risk Assessment Tutorial

Security Risk Assessment is one of the fundamental building blocks in any information security management system. Risks may involve the unauthorized disclosure or modification of data, loss of information resources or improper use of computer resources. The security risk assessment is a living document, subject to revisions and updates.

Risk management offers alternative strategies for dealing with risk and making it more acceptable. It involves identifying risks, prioritizing them, proposing strategies, allocating resources to carry them out and validating those strategies.

View or print the Information Security Risk Assessment (.pdf, 16 pages)

Security Domain Definition Template

This is a downloadable template for defining the security domain for your campus.

The Security Domain:

Is defined by physical and logical perimeter boundaries
Includes assets that are by definition controllable
Establishes scope of threat analysis
Download Security Domain Definition Template.doc

Security Risk Assessment Template

This template is a spreadsheet tool for assessing the risks to a broad range of information assets.

Download Security Risk Assessment Template.xls

Security Risk Assessment Scales

This is a guide for rating the the "probability" and "harm" factors used in the calculation of risk. This is a single sheet version of the scales. Each scale is also included as separate worksheets in the Security Risk Assesment Template.

Download Security Risk Assessment Scales.doc

Information Technology Systems: A Division of the Office of the Chancellor

Risk Assessment

Information Security Risk Assessment Tutorial

Security Domain Definition Template

Security Risk Assessment Template

Security Risk Assessment Scales