In today’s threat-rich environment, every effort must be made to control risks associated with the college’s vital business functions and services. The purpose of this procedure is to provide a blueprint that maximizes the protection of confidentiality, integrity, and availability while still providing functionality and usability.
Risk is defined as a condition or action that may affect the outcome of planned activities that are critical to the college’s functions and services. Risks are brought about by the dynamics of random events, interdependencies of systems and processes, environmental surroundings, and other factors. The entities that are affected by risk are the college’s information and physical assets, which the institution is required to protect.
Risks can potentially cause a disruption that adversely affects the college’s ability to provide services to its customers. To ensure that risks are appropriately managed, RAM includes the identification, evaluation, and control of risks to protect the college’s information technology assets and vital business functions and services. Currently, this policy is limited to the college’s critical business functions to include the information infrastructure and the actual information that it carries. Both virtual and physical risks are assessed.
The college uses the following guidelines to manage risk in a manner that best supports the continuation of business functions and services.
The following four major elements comprise RAM activities at Southeastern Community College:
Risk assessment and management is an ongoing process that will continually evolve. The evolution should focus on improving the continuation of the college’s critical functions and services. The processes must lead to the identification of risk, its potential impact, and the development of strategies that will justify the resources required to provide the appropriate level of continuity initiatives and programs.
It is necessary to have a blueprint to follow for the risk assessment and management process to be successful. The document entitled Risk Assessment and Management Process provides the structure necessary to perform risk assessment at the college.
Reviewed and Last Updated on October 19, 2020.