ISORA - Risk Assessment Utility

Computing & Wireless : Application Software

Available for non-exclusive licensing


  • Cameron Beasley , Information Security Office
  • Jason Phelps , Information Security Office
  • Sean Reid , Information Security Office
  • Benjamin Maxfield , Information Security Office
  • Daryl Ashley , Information Security Office

Background/unmet need

Risk assessment is the most integral step towards risk management. Risk assessment of high-risk information resources has become highly important to ensure that sensitive information is protected from any misuse. In fact, it has become a regulatory requirement in many academic and business institutes to have an annual risk assessment.

Invention Description

ISORA is a flexible, scalable, web-based enterprise risk assessment application that is designed to address system security, data security, and departmental implementation of enterprise policies. This application allows for granular delegation of responsibilities and access to accommodate large, federated environments. ISORA can be used to conduct entity-wide risk assessments, to ensure compliance of the target with specific regulations (e.g., PCI, HIPAA, state statutes, etc.)


  • Allows host-based risk assessment for very large distributed environment
  • Can effectively measure/monitor risk based changes throughout the enterprise
  • Flexible with regards to assessment questions, reporting, delegation, etc.
  • Allows unlimited delegation of authority
  • Provides each respondent with an immediate remediation plan
  • Allows institution to assess risk for an unlimited number of statutes, laws, policies, etc.


  • Flexible
  • Federated
  • Platform agnostic

Market potential/applications

Highly distributed and non-distributed networks requiring risk assessment

Development Stage

Beta product/commercial prototype