SEM01P - Lightweight Information Risk Assessment at The Ohio State University (separate registration is required)

Monday, May 01 | 1:00PM–4:30PM | Denver Ballroom 1-3, Lower Level 2
Session Type: Additional Fee Program
Delivery Format: Preconference Seminar
In 2013, The Ohio State University introduced a new Information Risk Management Program. The centerpiece of the program rollout was a lightweight risk assessment, which allowed the creation of information risk scorecards for campus departments, as well as campus-wide metrics for the university's senior leaders. The seminar will describe how an annual risk assessment is essential to the success of any information security program. The seminar will also provide a methodology for developing and executing an annual lightweight information risk assessment that won't kill your organization. The seminar will include many tips for success from the trenches at Ohio State.

Outcomes: Learn how to develop a lightweight risk assessment * Learn how to develop simple risk metrics * Learn how to leverage risk assessment metrics to support information security and risk management program objectives


  • Jim Herbeck

    Lead Security Analyst, Ohio State University