Risk Management

Risk Management is the process of identifying, assessing and communicating threats regarding the University's financial stability, reputation and data. The Information Security Office performs risk assessments and attestations to identify  risk and protect the University  by alerting the Information Resource Owners (Application, Data, or other types of Resource Owners) of potential risk.

Application Owners are required to request a risk assessment for their applications according to this schedule:

• Annually for any applications that deal with confidential data (see: go.uta.edu/ISOConfidentialDataList)
• Annually for any applications considered to be “mission critical” for the functioning of UTA’s core business services
• Biennially (every 2 years) for cloud applications that do not deal with confidential data.

To request an application risk assessment, go to https://go.uta.edu/ISOAppAssessment

As a reminder, TAPREQs are still required. Check the Technology Acquisition Helper Tool for details: go.uta.edu/tapreq.