The Information Technology Security Manager should create an IT Threat-Risk Assessment Report Template, summarizing assessment findings. ITSD101-1 IT THREAT/RISK ASSESSMENT REPORT should contain the following information, at a minimum:

Systems reviewed;
Number of threats found this period and last; and
A summary of identified threats.

The Information Technology Security Manager should submit the IT Threat-Risk Assessment Report Template to Information Technology Managers and the affected systems’ management for their review. Information Technology Managers and management of the affected systems should determine if preventive actions are required.

The Information Technology Security Manager should periodically review the risk assessment process to ensure its continued timeliness and applicability. Historical data from ITSD101-1 IT THREAT/RISK ASSESSMENT REPORT (i.e., number, nature, and severity of threats over time) should help determine if risks are under control.

IT Threat-Risk Assessment Report Template Details

Pages: 01
Words: 32
Format: Microsoft Word 2013 (.docx)
Language: English
Manual: IT Policies and Procedures Templates
Category: IT Security & Disaster Recovery
Procedure: IT Threat-Risk Assessment Procedure ITSD101
Type: Report