An Information Security Risk Assessment Model for Public and University Administrators




Casas, Victoriano

Journal Title

Journal ISSN

Volume Title



Assessing risk within any business entity is vital. Risk assessment/management is an essential part of every state agency, university and municipality. Computer viruses, malicious hackers, along with disgruntled employees all pose a major threat to data for public agencies, universities and local government assets. This applied research project discusses information security in depth. The purpose of this paper is threefold. First, this paper will explore the literature on information security in order to identify ideal components of a security program. Second, a survey on these ideal components will gather information security professionals' opinion on the most important elements of each component. Finally, the results of the survey will provide input on an ideal information security risk assessment program for educational institutions and/or state and local government agencies. The methodology for this research is the gauging technique. Survey research was the primary method of collecting data for this research. Ideal components of an effective risk assessment were identified and an open ended survey on those respective components was sent out to public administrators in the information security profession. The most important elements within each subcomponent of an ideal category for a risk assessment program are presented in the results chapter. The results show the important elements according to the information security professionals which help public administrators create an effective risk assessment program in their respective agency.


An Applied Research Project Submitted to the Department of Political Science, Texas State University-San Marcos, in Partial Fulfillment for the Requirements for the Degree of Masters of Public Administration, Spring 2006.


information security, risk assessment, disaster recovery, computer security, data security, risk management, Public Administration


Casas, V. (2006). An Information Security Risk Assessment Model for Public and University Administrators. Masters of Public Administration, Texas State University, San Marcos, TX.


Rights Holder

Rights License

Rights URI