Number: 
Creation Date:  2022-06-21
Category:  Risk Management
Effective Date:  2022-06-21
Type:  Processes
Last Reviewed:  2024-10-31
Version:  October 2024
Scheduled Review Date: 2026-10-31
Security Classification:  Protected A
Status:  Approved

Description:
Please note that information classified as Protected (per the Data and Information Security Classification standard) is only accessible to Government of Alberta Employees. External users are therefore not able to download this document. To request access, please contact us: imt.policy@gov.ab.ca.

​The Statement of Acceptable Risk (SoAR) is a vehicle for the information Controller to document risks along with existing and proposed mitigations. The SoAR is also used to identify risks relating to IMT Policy Instruments, exceptions and/or deviations (e.g. temporary patching exemption, modification of security control). SoAR are facilitated and collected by Cybersecurity Services.​​​


Keywords: cybersecurity, risk assessment, risk management, SoAR, acknowledged risk