Update to Software Risk Policy and Compliance Assessment Processes

Posted: Monday, October 3, 2022
Category: For Suppliers, Resources, Alert, Featured, Purchasing, Training

The Information Security Risk Management intake form is for Rutgers University faculty and staff interested in engaging with a software and/or a service provider. This form will document and summarize the data sharing purpose, data sharing scope, data elements, and technology requirements. Populating this form is a prerequisite to initiating a risk assessment.

It is important to engage information technology professional resources while completing this form; early IT involvement during third-party risk/security assessments often improves risk/security assessment quality and reduces unnecessary delays.

The Information Security Risk Management uses the provided information to calculate the required assessment type. The decision is based on the sensitivity of the data and the criticality of the system, based on the Rutgers University Data Classification.

To access the intake form, click on the following link

For more information on the OIT Risk Management Program website: https://it.rutgers.edu/information-security/information-security-risk-ma...