ASSETs:
Automated Security Self-Evaluation Tools

What is ASSETs?

An online database application used by Unit Security Liaisons to conduct an on-going university-wide qualitative IT risk assessment and to create security plans to help mitigate risk.

The program consists of 6 simple steps:

1. Inventory Assessment: Identifies sensitive/critical systems and sets the scope for the rest of the assessment.
2. Risk Assessment: Helps Unit Security Liaison assess unit risk level and prioritize mitigation efforts.
3. Security and Business Processes Questionnaire: Evaluates processes and procedures for the unit.
4. Security Evaluation Report: Displays results of the Security and Business Processes Questionnaire.
5. Security Plan: Creates a printable report complete with recommended actions for improving security and business processes.
6. Business Continuity Plan: Contains some basic information about creating a BCP

Why ASSETs?

As a result of the 2005/2006 Securing Sensitive Data Initiative (SSDI), all colleges/departments (academic and administrative) at UGA were tasked with the following:

• Identification and inventory of critical/sensitive servers/data and business processes;
• Assessment of critical and sensitive assets;
• Evaluation of business and security processes;
• Development of a plan to lower the risks and threats to the identified assets;
• Creation of a sustainable process/plan to mitigate risks/threats going forward;
• Attend security awareness training and education sessions

ASSETs addresses most of these concerns.

FAQ: