The annual risk assessment process using ISORA is a campus-wide risk assessment of information resources. It was implemented in 2007 to meet both regulatory (Texas Administrative Code, Rule §202.72) and compliance requirements. The process is designed to be relatively simple to follow, although effort will be required to collect and provide the requested information.
The core component of this process is the Information Security Office Risk Assessment (ISORA) service, which is designed to collect, analyze, and report on campus information resources risk data. Collecting this data requires campus-wide participation. Technical Support Coordinators (TSCs) are the core group who are responsible for providing information, and, if necessary, delegating the responsibility for providing information. Departmental heads are responsible for acknowledging the results once the TSCs and other delegates have completed their surveys.