RA-7 Risk Response

Description

This Control addresses the responsibility to properly respond to findings from risk assessments.

Applicability

• This Control applies to all Texas A&M information resources. The intended audience for this Control includes all information resource owners and custodians.

Implementation

• 1 - The information resource owner, or custodian, shall respond to findings from security and privacy assessments, monitoring, and audits in accordance with university accepted risk tolerance.