Information Security Governance Assessment Tools

Download Free Information Security Governance Assessment Tools

Section I: Organizational Reliance on IT
This section is designed to help you determine your institution’s reliance on information technology for business continuity. Your overall security evaluation rating will depend in part on your institution’s reliance on information technology. It should be completed by the president, chancellor, chief executive officer, or a designee.

Section II: Risk Management
This section assesses the risk management process as it relates to creating an information security strategy and program. Please note the change in scoring. This method of scoring applies throughout the remainder of this document. It should be completed by the president, chancellor, chief executive officer, or a designee.

Section III: People
This section assesses the organizational aspects of your information security program. It should be completed by the president, chancellor, chief executive officer, or a designee.

Section IV: Processes
This section assesses the processes that should be part of an information security program. It should be completed by the president, chancellor, chief executive officer, or a designee.

Section V: Technology
This section assesses the major technology topics related to information security. It should be completed by the president, chancellor, chief executive officer, or a designee with input from the chief security officer or chief information officer.