Risk Management

Risk management uses data identification and classification, risk analysis, asset value and remediation costs to develop effective, efficient and appropriate controls to protect university information resources. FSU takes seriously its obligation to respect and protect the privacy of the campus community and to safeguard the confidentiality of information important to the university’s academic and research missions. Managing risks to technology assets and data  is essential to the protection of the assets and to minimizing threats to the confidentiality, integrity and availability of FSU data. Every university unit shares in this responsibility.

Risk management is a proactive approach to assessing cyber threats, vulnerabilities and possible impacts in order to determine the best and most cost effective mitigations. A few activities that support this effort are:

General Data Protection Regulation (GDPR)

FAQ for GDPR.

Vulnerability Management

Routine scans of the university's network help ensure devices are "patched" with current updates and configured securely.

Intrusion Detection and Prevention

This process guards the university's network border and blocks malicious activity from getting through.

Website Scanning

Scanning helps university departments prevent the unauthorized leakage of data.

Security Assessments

Campus units can schedule assessments with ISPO to test their defenses against social engineering attempts and other security threats. Contact security@fsu.edu to schedule your assessment.

Support Resources

What is a Risk Assessment

Why Does FSU Have a Risk Management Program

The FSU Unit Privacy Coordinator

What is a Dataset?

Data Information Classification Guidelines

FSU Wireless Security Guidelines