visit OK.gov OMES: Chief Information
Officer (CIO)
Skip to Content   Contact Information  |  News Room  |  RSS Feeds
Home / Customer Portal / Service Catalog / Security Services / Annual Statewide Risk Assessment
ISD Service Catalog
 A to Z Listing | Recently Added | Search Agency Services

Annual Statewide Risk Assessment

Service Description

The standard security risk assessment process developed by the Office of State Finance as specified in Title 62, Section 34.32 (HB-2935) that originally became law on July 1, 2006.  

This service provides support for the annual risk self-assessment, which is a qualitative risk analysis designed to determine how well each agency complies with a proven set of security industry standards. The self-assessment process is, by definition, open to interpretation by the person or persons responding to the questions. Some individuals may assess their environments more critically, while others may be less critical depending on their level of awareness, experience and understanding of the process and their environment.

Related services available from external parties by contract (SW759)

  • Respond to all questions in  the standard security risk assessment questionnaire on behalf of the agency for which the risk assessment is being conducted.
  • Analyze the scope of existing security operations and validate them against the controls considered to be essential to an organization and common practice to information security in ISO/IEC 17799-05 (now renumbered to 27002), utilizing a standard risk assessment methodology consistent with NIST SP-800-30; and including the minimum security requirements defined by the OSF Standard Security Risk Assessment and the PCI self-assessment.
  • Risk Analysis – identify and determine the value of critical information assets and the likelihood of loss based on the exposure to threats. This will be a systematic approach that estimates the magnitude of risks.   

Customer Benefits

  • Legal and regulatory compliance
  • Increased awareness of threats and vulnerabilities

Customer Market

This service is available for all Oklahoma state agencies, offices, officers, bureaus, boards, commissions, counsels, units, divisions, bodies, authorities, or institutions of the executive, legislative, or judicial branches of state government. The term "state agencies" does include institutions within the Oklahoma State System of Higher Education or the Oklahoma State Regents for Higher Education.

Customer Responsibilities

Customers are required by law to complete the risk assessment to the best of their ability by no later than Dec. 1 of each calendar year.

How Do We Charge?

There is no charge for the basic support in this area.

Getting Started
To order or inquire about this service, please contact the OSF Service Desk.

Service Hours
8 a.m.-5 p.m., Monday-Friday

Annual Deadline
Dec. 1

Related Services
Risk Assessment Survey

Please contact the OMES Service Desk if you need any addition information about services in this catalog.
Last Modified on 08/24/2012
RSS Feeds get adobe reader get adobe reader get adobe reader get adobe reader
                                                                                                                                                                                                                                                           
 
Copyright © State of Oklahoma
Help Desk  |  Policies  |  About Oklahoma's Web Portal  |  Feedback  |  Accessibility