Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

At Risk? Take the IT Risk Assessment

33 views

Published on

Presented live at the North East Society of Association Executives Digital Solutions Conference, October 2020.

Video recording of the presentation is here:
https://www.youtube.com/watch?v=7LqRz077ojM

This session is designed to be hands-on with the analysis tool, so participants will literally walk away with personalized IT risk assessment results, complete with ratings, scores, and specific action items using a tool developed to answer questions that will guide IT and business strategy. Background information, metric and matrix details, and a specific example of using the assessment twice over three years will be shared – showing how the tool has been used to demonstrate growth, evaluate trends, and deliver direct results a board of directors needs to know.

http://www.srholloway.com

Published in: Technology
  • Be the first to comment

  • Be the first to like this

At Risk? Take the IT Risk Assessment

  1. 1. At Risk? Take the IT Risk Assessment @ShaunHolloway Association of College and University Housing Officers – International
  2. 2. Our Time Together 10 - Assessment Tool Overview 25 - Complete the IT Risk Assessment 10 – Results Discussion, Actionable Next Steps Questions and Assistance
  3. 3. Assessment Tool Created in 2016 Used with the Board of Directors in 2016 and 2019 assessments Needed a way to identify areas of risk that were actionable
  4. 4. Reputable Instrument Educause IT Risk Register U.S. National Institute of Standards and Technology Guide for Conducting Risk Assessment U.S. Government Accountability Office InfoSec risk assessment matrices
  5. 5. Assessment Framework 36 risk statements 34 defined by the Educause IT Risk Register 2 added by ACUHO-I for direct user-based scenarios 11 IT Domains Management of IT IT Support Services Educational Technology Services Research Computing Services Data Centers Communications Infrastructure Enterprise Infrastructure and Services Information Security Identity Management Systems and Applications Business Continuity
  6. 6. Assessment Framework 6 Functional Areas Compliance Financial System Service Operational Reputational Strategic
  7. 7. Assessment Scoring
  8. 8. Assessment Scoring Undesirable 1.0 – 0.8 Effort is needed to address the risk statement and understand the current situation and factors that are contributing to the situation. Reviewable 0.7 – 0.4 A discretionary review by management is needed to determine whether the level of risk is acceptable or if the risk statement is undesirable. Acceptable 0.3 – 0.0 Risk statement is deemed to be in a state that does not need to be reviewed by management.
  9. 9. RISK ASSESSMENT TIME Access the IT Risk Assessment https://bit.ly/38Dsoko File located on my personal Box.com account for limited time. Must download to use calculations.
  10. 10. RESULTS DISCUSSION ACUHO-I’s Findings
  11. 11. Data Analysis - 2016 v 2019 Undesirable… Reviewable… Acceptable… Undesirable 1.0 - 0.8 Reviewable 0.7 - 0.4 Acceptable 0.3 - 0.0
  12. 12. Functional Area Analysis 0 10 20 30 Compliance Financial System Service Operational Reputational Strategic Undesirable (n=2) Reviewable (n=7) Acceptable (n=27) 0 10 20 30 Undesirable (n=2) Reviewable (n=7) Acceptable (n=27) Compliance Financial System Service Operational Reputational Strategic
  13. 13. Service Area Analysis 0 2 4 6 8 10 12 14 Undesirable (n=2) Reviewable (n=7) Acceptable (n=27)
  14. 14. Data Suggests 0 10 20 30 Undesirable 1.0 - 0.8 Reviewable 0.7 - 0.4 Acceptable 0.3 - 0.0 Risk Statement Distribution 2019 2016
  15. 15. Rationale Contributions Apply human interpretations Evaluation team discussion outcomes Focus on the UNDESIRABLES Define next steps
  16. 16. @ShaunHolloway Association of College and University Housing Officers – International At Risk? Take the IT Risk Assessment

×