Foundations for Effective Security Risk and Program Assessment

Tuesday, April 13 | 2:00PM–3:00PM | International B (6th floor)
Session Type: Professional Development
How does an institution assess the risks and effectiveness of something as multifaceted and complex as its risk management and information security programs? An assessment methodology must be valid, reliable, transparent, and defensible. Results should be reported in a consistent format so program strengths and weaknesses are easily identified. Join two universities from Texas to hear how they implemented security-risk and security-program assessment. In this session, the underlying principles of these two programs will be explained so attendees can adapt the methodology to meet the specific needs of their institutions.