Risk Assessment (RA)

Purpose – 

The Risk Assessment Policy and associated controls describe the requirements for identifying, analyzing, and managing information security risks associated with Tarleton State University (Tarleton) information and information resources.  

---

Scope and Roles – 

This policy applies to information resources owned or managed by Tarleton. The intended audience includes all involved in hiring and personnel management, the Tarleton Chief Information Officer (CIO), Chief Information Security Officer (CISO), and information resource owners and custodians. 

---

Compliance – 

Risk Assessment controls are implemented to ensure compliance with Title 1 Texas Administrative Code (TAC) §202.75, §202.74, and the Texas Department of Information Resources (DIR) Security Control Standards Catalog as required by TAC §202.76 and Texas A&M University System (TAMUS) Regulation 29.01.03, Information Security.