Text Only Version

ASSETs:
Automated Security Self-Evaluation Tools


A program for identifying and assessing risks to sensitive/critical computer systems at UGA

What is ASSETs?

An online database application used by Unit Security Liaisons to conduct an on-going university-wide qualitative IT risk assessment and to create security plans to help mitigate risk.

The program consists of 6 simple steps:

  1. Inventory Assessment: Identifies sensitive/critical systems and sets the scope for the rest of the assessment.
  2. Risk Assessment: Helps Unit Security Liaison assess unit risk level and prioritize mitigation efforts.
  3. Security and Business Processes Questionnaire: Evaluates processes and procedures for the unit.
  4. Security Evaluation Report: Displays results of the Security and Business Processes Questionnaire.
  5. Security Plan: Creates a printable report complete with recommended actions for improving security and business processes.
  6. Business Continuity Plan: Contains some basic information about creating a BCP

Why ASSETs?

As a result of the 2005/2006 Securing Sensitive Data Initiative (SSDI), all colleges/departments (academic and administrative) at UGA were tasked with the following:

  • Identification and inventory of critical/sensitive servers/data and business processes;
  • Assessment of critical and sensitive assets;
  • Evaluation of business and security processes;
  • Development of a plan to lower the risks and threats to the identified assets;
  • Creation of a sustainable process/plan to mitigate risks/threats going forward;
  • Attend security awareness training and education sessions

ASSETs addresses most of these concerns.

FAQ:

The FAQ for ASSETs can be found here.