ISORA stands for Information Security Office Risk Assessment. ISORA was created by UT's Information Security Office for the purpose of bringing the University into compliance with Texas Administrative Code (TAC-202) and UT System Business Procedures Memorandum (BPM) 75. Aside from bringing UT Austin into compliance, another important purpose of ISORA is to identify risks so that the University can devise mechanisms to deal with those risks.
The state and the University administration require the University to undergo an annual assessment, ISORA, of the University's information resources. People who are asked to fill out ISORA are asked because they are responsible for an information resource, such as a computer, that was connected to the UT Austin network between April 1, 2011, and July 1, 2011.
There is no penalty for filling out ISORA incorrectly. However, it is very important that ISORA be filled out accurately, because inaccurate information in ISORA hurts the University’s ability to manage the risk to University data.
Step 1 for ISORA must be completed by Friday, October 21, 2011.
After Step 1 is completed, McCombs Computer Services will complete Step 2 and submit ISORA to Dean Gilligan for approval.
A computer is assigned to you in ISORA because either your name appears as the computer name or your department lists you as responsible for a specific computer(s).
On a PC running Windows XP, click on the "Start" button in the lower left-hand corner, highlight the "Control Panel" folder, and select the “System” icon. After the “System Properties” window opens, click on the “Computer Name” tab. You will see your computer name listed on the “Full computer name:” line.
Contact James Coombes (James.Coombes@mccombs.utexas.edu) and he will help investigate the issue with ISORA computer assignment.
The computers listed in ISORA are made up of devices and computers that were on the University’s network between April 1, 2011, and July 1, 2011. If your computer wasn't on the UT Austin network during that period, your computer won’t be listed in ISORA.
The University currently does not have a system that links computer names to their UT inventory numbers; however, McCombs Computer Services has gone into ISORA and entered UT inventory numbers for any computer where they knew the UT inventory number.
The University’s data classification standards can be found at the following URL:
http://www.utexas.edu/its/policies/opsmanual/dataclassification.php
It is very important to know what data is on your computer. If for some reason you do not know what data is on your computer, then click no to all the wizard questions and then contact James Coombes (James.Coombes@mccombs.utexas.edu). James will work with you on getting your computer to a state where you know all the data on it.
You are getting this result because you answered no to the three data classification questions (Does this system have category 1 data on it?, Does this system have category 2 data on it?, Does this system have category 3 data on it?).
-If you actually know the type of data on your computer, click the "Cancel" button and then restart the wizard for the computer again.
-If for some reason you do not know what data is on your computer, then go ahead and click the "Acknowledge" button and then contact James Coombes (James.Coombes@mccombs.utexas.edu). James will work with you on getting your computer to a state where you know all the data on it.
It is very important to know what data is on your computer. If for some reason you do not know what data is on your computer, then set your computer’s data classification in ISORA to “I don’t know” and then contact James Coombes (James.Coombes@mccombs.utexas.edu). James will work with you on getting your computer to a state where you know all the data on it.
Yes, a videos was created by the Information Security Office to assist UT Austin faculty and staff in filling out ISORA. You can access the videos by clicking the links below.
Introduction to filling out the survey (ISORA Step 1 - duration: 7:41):
https://security.utexas.edu/risk/video/quicktime/2010/ISORA-2010-Step1.mov