What is the IT Risk Assessment Process?
The IT Risk Assessment Process is a continual exercise conducted by business units to identify, mitigate and monitor information technology risks. This process is aligned with the National Institute of Standards and Technology (NIST) Special Publication 800-39. This is a cyclical process that requires iterative improvements as our organization grows and matures.
Why Does This Matter?
The IT Risk Assessment Process is a fundamental step in an information security risk management program. Regularly conducting information technology risk assessments enables ASU to identify and mitigate information technology risks that threaten our personnel and assets.
IT Risk Assessment Framework
Knowledge (Coming Soon!)
- Risk Framing KB0026484
- Risk Assessment
- Risk Response
- Risk Monitoring
Questions?
Email: DL.WG.ET.Cybersecurity.RiskAnalysis@exchange.asu.edu