Frequently Asked Questions about the UCI Security Risk Assessment Questionnaire (SRAQ)
- What is the SRAQ?
- The SRAQ is a tool to guide you through the security risk assessment process for a system, to get you to think about and document the data components, threats and countermeasures, and other key information required when assessing risk. It also provides a worksheet for risk acceptance and action items for risk reduction. It is primarily used as a self-assessment tool, but is also the basis and required information gathering for audits and security reviews. It can also be given to a vendor during an RFP for them to document how they will protect your data.
- Where can I download the tool?
- What is the "LITE" version vs the regular version?
- The "LITE" version is the same document with all
{"serverDuration": 196, "requestCorrelationId": "b4cc4a7dc18d40ad998e4baa7a1575bc"}