Ohio.gov  |   State Agencies   |   Online Services
You are here : Resources  >  IT Security Tools
IT Security Tools

Risk Master Tool  

Risk Master tool is a lightweight risk assessment tool designed to assist agencies in conducting risk assessments based upon the guidance found Special Publication 800-30 Revision 1, Guide for Conducting Risk Assessments. The tool itself is not a comprehensive risk management process. Rather, it is intended to help a Chief Information Security Officer (CISO), a Chief Information Officer (CIO), or a team of key employees, identify general areas of concern as they relate to information security and privacy.  Along with assisting agencies in determining the gaps in their information security program and provide guidance and direction for improvement.

  Click here for Tool

Data Classification Worksheet

The Data Classification worksheet is designed to assist state agencies in the classifying data for the purpose of understanding and managing data and information systems with regard to their level of confidentiality and criticality. The accurate identification of data helps to ensure that the appropriate security controls are selected and implemented to protect data from unauthorized access or misuse. The worksheet is structured in line with the State of Ohio Administrative Policy IT-13 that defines the data classification methodology for state agencies.

Click here for Worksheet

To further expand upon the Data Classification policy and worksheet. The link below will provide downloadable PDF files of the State of Ohio training presentations for both the overall Data Classification and an example to fill out the worksheet.

DATA Classification Training slides

DATA Classification Worksheet training