Risk Assessment

A service of IET

Laws (HIPAA) and industry mandates (PCI) require organizations to assess their vulnerabilities and risks. Organizations must be conscious of information security, and must develop and implement proper security controls based on their internal risk and vulnerability assessments. These assessments can help the organization:

  • Uncover known weaknesses and vulnerabilities in its IT infrastructure.
  • Prioritize the impact of these vulnerabilities, based on the value and importance of the IT and data assets affected.
  • Implement security controls and countermeasures to mitigate the weaknesses.

The mitigation increases security, and reduces the odds that a threat or vulnerability will harm the organization’s production environment.

  • Campus directors can use the UC Davis Information Security Team’s IT expertise to perform a full risk assessment
  • The team can recommend an outside company to perform assessments
  • The team can provide templates to departments that want to perform a self-assessment
  • The team works in a respectful manner while providing honest, professional analysis of a group's risk posture
  • The team can provide continuity and a larger context for these assessments, because we work closely with various IT leads and have tools that can help give a university-wide perspective
Get Started: 

To initiate the service, please email a request to ithelp@ucdavis.edu. Please include "Risk Assessment" in the subject line.


M-F, 8 a.m. - 5 p.m.


For IET rates or service consultation, contact IET’s Business Relationship Management office at:

Support Center

IT Express

Contact IT Express

M-F, 7am - 6pm

530-754-HELP (4357)