Security incidents, ransomware and hurricanes are all very real threats.
To help prepare for these hazards, ITS conducts risk assessments of university IT environments to identify and remediate existing business and system weaknesses. ITS risk assessments systematically examine and identify systems, processes and situations that could negatively impact your department and the university. After the initial assessment, our team of security professionals consult with you to implement proactive security controls and executable measures to secure your college’s or department’s hardware, software and data. The output is a customized plan of the best and most cost-effective risk mitigations.
Why is it Important?
Proactively detecting and safeguarding against known threats and common security incidents enables departments to implement baseline security controls and develop a program to regularly monitor and evaluate compliance.
How Often Should it Happen?
University units are required to perform a comprehensive risk assessment every three years, as outlined in the Seminole Secure business continuity plan.
Critical Security Controls
The following basic, foundational and organizational controls are included in each risk assessment.
- Data sets
- Hardware assets
- Software assets
- Vulnerability management
- Administrative privileges
- Device configurations
- Audit logs
- Email and browser protections
- Malware defenses
- Network ports, protocols and services
- Data recovery
- Network device configuration
- Boundary defense
- Data protection
- Controlled access
- Wireless access
- Security awareness and training program
- Incident response management
- Application software security
- Penetration testing
Request a Risk Assessment
Visit the ITS service catalog to learn more about our risk assessment service and request an initial consultation
Access documentation and instructions for completing the tri-annual risk assessment detailed in the university's Seminole Secure program
Risk Management Standard
Understand how risk assessments play into requirements and regulations for risk management at FSU
If you have questions or need assistance with risk assessments, please contact ITS at email@example.com.