风险评估模版(英文)

《风险评估模版(英文)》由会员上传分享，免费在线阅读，更多相关内容在工程资料-天天文库。

1、ITSecurityRA:ITSECURITYRISKASSESSMENTUniversityofConnecticutPreparedby:,DirectorMarch26,2008DateofLastReview:March26,2008StorageLocation:Primary:Alternate:Page17of17ITSecurityRA:TABLEOFCONTENTS:ASSESSMENTOVERVIEW3Purpose:3Scope:3Assumptions:3Location3

2、ContactInformation:3SCREENING4RISKASSESSMENT5TeamRolesandResponsibilities5Planning:6BusinessProcesses7SystemsRequired:7UniqueAssets:8DataonStand-alonePC’s:8HardcopyFiles:9FilesusedbutOwnedbyOtherOrganizations:9OffsiteFileStorageLocations:9NetworkDiagram:10DataFlowDiagrams:10NetworkSurveys:10Previou

3、sRiskAssessment(s):10SecurityProfile:11ThreatIdentification:11VulnerabilityIdentification:11CurrentSafeguardIdentification:12RiskProfile:12ThreatOccurrenceProbability:12ThreatOccurrenceImpact:12OccurrenceExpectedImpact:12AcceptableExpectedImpactLevels:12ImpactStatement:13AdditionalSafeguardOptions:

4、13AdditionalSafeguardRecommendations:13AssessmentInformationTable:14ASSESSMENTMAINTENANCEPROCEDURES:15AssessmentReviewandUpdateProcess:15AssessmentDistributionProcedures:15ADDITIONALDOCUMENTATION:16LocationofSupportingDocumentation:16ASSESSMENTHISTORY:16ASSESSMENTSIGNOFF17Page17of17ITSecurityRA:

5、partmentname>AssessmentOverviewReplacethe“”textentrieswiththenameofyourdepartment.Noteanyassumptionsthatapplytothisriskassessment.Forexample,theremaybeareasofthedepartmentthatarebeingexcludedororganizationalchangesthatmayimpactrisks.Purpose:ThisITSecurityRiskAssessmentwillbeupdatedi

6、nresponsetochangesinthebusinessenvironment.Thewillreviewtheassessmentatleastannually.ThisdocumentrecordstheinformationusedtoassesstheITsecurityrisksforthe.Itincludestheinstructionsforfollowingtheassessmentprocessandrecordingtheconclusionsdrawnfromtheassessment.Scope:

7、ThisassessmentisapplicablefortheoftheUniversityofConnecticut.Assumptions:Theassumptionslistedbelowapplytothisriskassessment.·.LocationProvidetheaddressofthedepartment.UniversityofConnecticut