A Security Risk Assessment (SRA) assesses potential information security risks in an organization’s applications and technologies and it also serves to confirm that security controls are in place to protect against security threats.
For information about SRA, please view guidance on this topic from:
- the Centers for Medicare & Medicaid Services;
- the National Institute of Standards and Technology;
- the Centers for Disease Control and Prevention – Division of Select Agents and Toxins;
- HealthIT.gov.