9th February 2023, Serdang -Centre for Quality Assurance has organized a Risk Assessment Workshop for Expanding the Scope of New Graduate Student Registration, Information Security Management System (ISMS) located at Mini Auditorium 1, Deputy Vice Chancellor (Research and Innovation) Office Building, UPM. This workshop is one of the preparatory programs for the ISMS scope expansion process in 2023.  A total of 17 participants attended this workshop consisting of members of the Graduate New Student Registration Team which includes the School of Graduate Studies, International Centre, University Health Centre, Bursar's Office, Information and Communication Development Center and UPM Bintulu Campus. This workshop aims to prepare a risk assessment report along with a risk recovery plan for the Graduate New Student Registration Team as a result of an assessment of ICT assets that impact the implementation of ISMS based on The Malaysian Public Sector Information Security Risk Assessment System (MyRAM) Methodology. MyRAM is used to ensure the validity of Government information and assets in providing effective and efficient services for all customers. Risk assessment is a method to determine what threats exist for an asset and the level of risk associated with those threats. Determining the level of risk provides the organization with the information needed to select appropriate safeguards and control measures to reduce the risk to an acceptable level. The output of the risk assessment process is the input for the decision-making process that determines whether to accept, reduce, transfer or avoid the risks that have been identified. This will be done in the Selection of Controls and shown in the Risk Treatment Plan (RTP) (Risk Recovery Plan).

Date of Input: 22/02/2023 | Updated: 24/02/2023 | aidawati