Here you will find guidance and links to resources for carrying out risk assessments. To help you understand the part you play in carrying out risk assessments please review the staff role descriptions below before deciding if you are involved in conducting risk assessments:
- Data Stewards are designated for specific systems by Key Information Asset Owners. For all dedicated information systems owned or procured by academic schools the Data Steward is the College Registrar. If you want to find out who the Data Steward is for a specific system click here.
- Information Assets are currently: Campus Management Information; Education Information; Estates information; External Engagement; Financial Information; Research Information; Staff Information; Student & Applicant Information; Student Recruitment Information; Business intelligence information (Uni BI system); Academic timetables; Library service management system; Identity Management information; Residences management.
- Key Information Asset Owners are normally the Director of the relevant Professional Services department and are designed by the Senior Information Risk Owner – further information available from the ISF team as above.
- The Senior Information Risk Owner is the Chief Operating Officer and is designated by the Vice-Chancellor
A tool has been designed to provide a quick, light touch risk assessment for assessing the information security risks involved in the types of activities described below:
- Removing existing information security controls
- Making a change to an existing system or systems
- Changing an existing process
- Review of an existing system