Information Security Risk Management Framework for University Computing Environment

Today’s universities are on the forefront of technological advancement which makes University’ computing environment vulnerable because of its large open networks. This paper analyzed the security threats specifically evolve in University’s network, and with consideration of these issues, proposed risk assessment framework for University computing environment. The proposed framework reduces the risk of security breach by supporting three phase activities; the first phase assesses the threats and vulnerabilities in order to identify the weak point in educational environment, the second phase focuses on the highest risk and create actionable remediation plan, the third phase of risk assessment model recognizes the vulnerability management compliance requirement in order to improve University’s security position. The proposed framework is applied on Vikram University Ujjain India’s, computing environment and the evaluation result showed the proposed framework enhances the security level of University campus network. This model can be used by risk analyst and security manager of University to perform reliable and repeatable risk analysis in realistic and affordable manner.