|
|
|
 |
|
|||||||||||||
 |
IT Security Information - IT Risk Management
|
||
| The CU-Boulder IT Security Office has developed a risk management framework and risk assessment service to meet campus needs in identifying and mitigating IT related risk. The risk management framework is intended to facilitate periodic, department level IT risk assessments, providing consistent definitions, processes and reports. This will allow departments, and the campus as a whole, to better understand IT related risk and develop both focused and broad steps to address that risk. This framework is designed with existing and draft policies in mind to provide a minimal cost risk assessment option for departments. This document is the primary description of the CU-Boulder IT risk management framework and should be reviewed by management and technology leads. The IT Security Office is happy to meet with departments to discuss risk assessment and management before an assessment, or at any other time. CU-Boulder Risk Management Framework The first step for each department is to inventory and classify information assets. To assist in this step, the IT security office has developed guidance documents and templates which can be found on this webpage: CU-Boulder Guidance on Information Asset Classification
Source material and additional information on IT risk Management:
Contact Information |
|
||
|
|||||||||||
| Support | | | Training | | | Facilities | | | About ITS | | | ITS Home | |||
|
|||||||||||
