Features
Organizations must be conscious of information security, and must develop and implement proper security controls based on their internal risk and vulnerability assessments. These assessments can help the organization:
- Uncover known weaknesses and vulnerabilities in its IT infrastructure;
- Prioritize the impact of these vulnerabilities, based on the value and importance of the IT and data assets affected; and
- Implement security controls and countermeasures to mitigate the weaknesses.
The mitigation increases security, and reduces the odds that a threat or vulnerability will harm the organization’s production environment.
Before the University will allow software and cloud services use or purchase (including mobile apps, artificial intelligence tools, and free, downloadable software i.e. "freeware"), the products must be assessed for risk. Hardware may also be assessed. Assessment requests should be made by contacting the Technology Service Desk at 940-898-3971, servicedesk@twu.edu, techchat.twu.edu, or submitting a request through the Technology Service Catalog, or submitting a request by clicking Request Service on this page.
Contracts and Procurement
For purchases that require a contract, ITS leadership engages in contract review and approval.
-
All software, web applications and cloud services must be reviewed by Information Security prior to the contract being routed to the Contracts Department for review.
-
Once the TX-RAMP certification is obtained (if applicable) and the risk assessment is completed, TWU Information Security will close the risk assessment request and provide the requester with the signed risk assessment.
- The signed risk assessment may then be attached to the Contract Routing Request. During the Contract Routing Request process, the contract and product/service will also be evaluated by the ITS project management team to determine solution viability.
Related services
Quotes
Software Assessment and Implementation