Security Threat and Risk Assessment (STRA) Process

Number:	Creation Date: 2017-10-13
Category: Risk Management	Effective Date: 2017-10-13
Type: Procedures	Last Reviewed: 2020-05-26
Version: 1.0	Scheduled Review Date:
Security Classification: Public	Status: Approved
Scope: Government of Alberta

Description:

Process for tracking and managing the STRA lifecycle. Security Threat and Risks Assessments (STRA) must be conducted for all new IT systems and for substantial updates to existing systems.

Keywords: CISO, Risk Assessment, Risk Management, STRA

Download: Security Threat and Risk Assessment (STRA) Process (PDF)

Supporting Documents

Security Threat and Risk Assessment (STRA) Template (DOCX)

Related Policies

IT Security Risk Management Practice
Information Security Management Directives
Statement of Sensitivity (SOS) Process

Security Threat and Risk Assessment (STRA) Process // <![CDATA[ _spBodyOnLoadFunctionNames.push("setupPageDescriptionCallout"); // ]]>

Security Threat and Risk Assessment (STRA) Process