|OUHSC Information Technology Department|
Information Security Risk Assessment:
Supporting documents: Full policy
All information system resources receiving, storing and/or transmitting sensitive data must have a product review completed.
Please use the form located at the bottom of the Technology Information Risk Assessment Process web page (http://it.ouhsc.edu/forms/productreview.asp) to start the Information Security Risk Assessment process.
If any of the above change at any time during the Information Security Risk Assessment process and/or the product implementation, the Information Security Risk Assessment must be updated to reflect these changes and be resubmitted for review.
The Information Security Risk Assessment will then be performed by each of the affected OUHSC IT departments to determine if the resource is compatible with existing IT infrastructure and if it brings any new or additional risks to the OUHSC IT environment.
Each affected OUHSC IT department will document any identified risks created by the resource specific to the affected area(s) and any recommendations. These recommendations will then be summarized into an overall analysis of the product and will include at a minimum the following:
|Copyright © 2006 The Board of Regents of the University of Oklahoma, All Rights Reserved.- Disclaimer | Copyright|