Summary of stated purpose
The aim of the toolkit is to enable Further Education institutions (FEIs) to calculate their exposure to risk in areas of information security and to offer formulae for risk reduction.
Completion of a risk register that identifies 10 business risks and enables institutions to identify areas and levels of risk in areas such as information security policy, physical access control, illegal software and viruses etc. In addition self-assessment is invited in areas of security responsibility, IT risk management, equipment security, asset management, access to secure areas, user access, data validation and business continuity. An overall risk rating is provided on completion.
Output types
Quantitative and qualitative
Supporting evidence
This tool was developed by the Regional Support Centres for use in FE institutions. It was piloted at a number of these institutions and now awaits final development and uploading.
URL N/A