DBMG - Information Asset Risk Management
- Overview
Information Asset Risk Management is the process of identifying assets and associated risks, determining their magnitude, and identifying what safeguards are needed to ensure the safety of information assets. A business recovery plan addresses how assets will be operational after a disaster and is a plan that can be successfully implemented in a disruptive situation to implement basic services needed to resume business operations. - University Policy
The Information Technology Security Office is responsible for aiding departments with information asset risk management and with developing a business recovery plans. The web site contains sections for protective software, selecting good passwords, business recovery plans, risk analysis, backup services, and surplus IT equipment.
The Information Technology Security Officer ensures that the university has the technology tools, education, awareness, and guidance necessary to work towards a safe and secure information technology environment.
- Departmental Responsibilites
- Having an awareness of how technological risks can impact the day-to-day business activities
- Completing a departmental business impact analysis/risk assessment
- Making a commitment to ensure that the department can be prepared for any situatio
- Internal Controls
- Developing a business recovery plan to resume day-to-day operations in the event of a technological disaster
- Developing, documenting, maintaining and testing the plan to ensure that day-to-day operations can be resumed within a reasonable timeframe