100 %
0 %
Information about ITS-RM

Published on January 15, 2009

Author: aSGuest10698


Information Technology Security Risk Management Program (ITS-RM) : Information Technology Security Risk Management Program (ITS-RM) October 7, 2004 Brian Davis & Shirley Payne Office of Information Technologies Security & Policy What’s Risk Management? : What’s Risk Management? Formally defined “The total process to identify, control, and manage the impact of uncertain harmful events, commensurate with the value of the protected assets.” More simply put… : More simply put… “Determine what your risks are and then decide on a course of action to deal with those risks.” Even more colloquially… : Even more colloquially… What’s your threshold for pain? Do you want failure to deal with this risk to end up on the front page of the Daily Progress? Effectively Managing Risk Means: : Effectively Managing Risk Means: Knowing what needs to be protected Understanding threats and determining the level of risk they pose to critical assets Pursuing strategies to mitigate unacceptable risks Having a contingency plan for operating without critical assets temporarily Why? : Why? “Best practice” (and a good idea…) Reasonable approach to a complex task Not just HIPAA -- other regulations General process with a HIPAA component Planned IT Security Risk Management Program : Planned IT Security Risk Management Program University-wide, including Medical Center Information on current threats, templates, checklists, and other guidance provided Four steps of program: IT Mission Impact Analysis IT Risk Assessment IT Mission Continuity Planning Evaluation and Reassessment Implementation Strategy : Implementation Strategy Design involved Audit, Risk Management, Police, HIPAA Office, Health System Computing Services HIPAA questions, RiskWatch exceptions, use of HSCS disaster recovery/business continuity plan Roll-out Concentrated effort on 10 areas this academic year Also identifying areas with ePHI Encourage other departments to get moving May take three years to reach all departments It’s not as painful as it looks! : It’s not as painful as it looks! No one will be starting from scratch Little is expected from those with little, more is expected from those with more The templates are designed for the most complex situations but work for simple solutions, too Executive Support : Executive Support Strong executive support has been a key success factor at other institutions Executives fully behind program at UVa University policy requiring participation in the program is coming For More Information... : For More Information... Brian Davis Shirley Payne 243-8707 924-4165

Add a comment

Related presentations

Related pages

Hier entsteht eine neue Internetpräsenz

Willkommen! Welcome! Willkommen! Welcome! Hier entsteht eine neue Internetpräsenz. Willkommen! Welcome! Willkommen! Welcome!
Read more

Remington Releases its RM380 Micro Pistol see with the GTM ...

Remington Releases its RM380 Micro Pistol by Barbara Baird - Tuesday, November 3, 2015 Remington Releases its RM380 Micro Pistol “Trust, but verify.”
Read more

What did 1MDB spend its RM1.6 billion sukuk on, ‎asks ...

About RM1.6 billion of the RM2.4 billion sukuk 1Malaysia Development Bhd (1MDB)‎ issued through Bandar Malaysia Sdn Bhd in 2014 remains unaccounted…
Read more

Information Technology Risk Management - Extreme IT ...

Information Technology Risk Management. It’s very common for organizations managing risk in terms of financial and budgetary allocations, but management ...
Read more

University of Virginia Information Technology Security ...

University of Virginia Information Technology Security Risk Management (ITS-RM) Program Version 3.0 Revised 08/03/10 Contact:
Read more

Warmane Armory | Team its rm @ Warsong

Name Guild Race Class Faction Realm Wins Games P-Rating MMR; Bopxa: Warsong: 11: 16: 1881: 1891: Itsundek: Warsong: 32: 51: 1882: 1890: Tecnineop: Warsong ...
Read more

YouNow | Live Stream Video Chat | Free Apps on Web, iOS ...

Discover Talented broadcasters, watch live streaming video, and chat with people from around the world for free.
Read more

High Level ITS Portfolio Support Workflow (with AV + No ...

High Level ITS Portfolio Support Workflow ... ITS RM Manager n/a Issued v1.0 10/12/2009 Thitima Sinadyodharaks 1 - Diagram name update to "High Level ITS ...
Read more

Personal Computer User, Information Security, U.Va.

The ITS-RM program applies to agencies 207 (Academic Division), 209 (Medical Center), 246 ... Information Security Phone: 434-243-8707 Fax: 434-243-9197.
Read more