Information Systems Risk Assessment


This Spotlight bulletin focuses on 2011 CDS survey results related to information systems (IS) risk assessments. Research findings and industry experience demonstrate that conducting a security risk assessment helps increase an institution’s security posture and also helps prioritize the allocation of limited IT resources. A growing percentage of institutions across all Carnegie Classifications have conducted a campus IS security risk assessment, and this research looks at the data by institution size to provide an alternative view of IS risk.

The ECAR CDS Spotlight Research Bulletin Series highlights findings from the EDUCAUSE Core Data Service, focusing on a small but meaningful slice of data collected in the CDS. These selected highlights are intended to provide context and meaning for CDS benchmarks that may be of especially broad interest, be especially timely, or draw connections between research from ECAR and CDS. The series is featured along with other CDS publications on the CDS website,, and is now available to eligible ECAR subscribers as part of the ECAR subscription.

Citation for this Work: Keating, Corey. “Information Systems Risk Assessment” (Research Bulletin). Boulder, CO: EDUCAUSE Center for Analysis and Research, July 24, 2012, available from

Download Resources