UF will soon implement a significant update to the IT risk assessment standard*. The new standard requires all units to perform a comprehensive risk assessment at least once every five years. The resulting mitigation strategy must be submitted to the UF Information Security Manager, Kathy Bergsma. Bergsma will use the unit reports to develop a UF-wide mitigation strategy. Annual progress reports must also be submitted to Bergsma.

The Office of Information Security Management has created a Web-based tool named "Achilles" to help units conduct risk assessments. Hands-on Achilles training will be offered in the CITT computer training lab (2215 Turlington Hall) in March. Risk assessment basics will be presented. You will learn how to use Achilles to help build risk profiles and how to develop a mitigation strategy from the risk profiles. After completing the course, you should be able to manage an IT risk assessment for your unit.

The following sessions are currently available for registration:

Sessions are now open for designated Network Contacts ONLY (see below); registration is required. You may register at: http://oak.circa.ufl.edu/~cittreg/current_schedule_by_date.html.

NOTE -- ATTENDANCE RESTRICTED: In order to take this course, you must be in the UF Network Services contact database for IT workers. You can check on-line whether you are eligible (listed as a Network Contact).

* http://www.it.ufl.edu/policies/security/documents/risk-assessment.pdf

If you have any questions about this event, please contact: UF IT Security Team
ufirt@ufl.edu
(352) 392-2061 suncom 622-2061
http://infosec.ufl.edu/