Risk Management
Risk Management is the process of identifying, assessing and communicating threats regarding the University's financial stability, reputation and data. The Information Security Office performs risk assessments to identify risks and protect the University and alert application or data owners of potential risks.
Application owners are required to request a risk assessment for their applications:
- Annually for any applications that deal with confidential data (see: go.uta.edu/ISOConfidentialDataList)
- Annually for any applications considered to be “mission critical” for the functioning of UTA’s core business services
- Biennially (every 2 years) for cloud applications that do not deal with confidential data.
To register your application, complete the ISO Application Registration.
If your application meets the requirements above, you are required to complete the Risk Assessment. The assessment needs to be completed prior to any purchases or renewals. These assessments may take several weeks, so make your requests as soon as possible.
As a reminder, TAPREQs are still required. Check the Technology Acquisition Helper Tool for details: go.uta.edu/tapreq.