IT Security Self- & Risk-Assessment Tool

it-securityThe SEARCH IT Security Self- and Risk-Assessment Tool is a companion resource to The Law Enforcement Tech Guide for Information Technology Security: How to Assess Risk and Establish Effective Policies, which SEARCH developed for the Office of Community Oriented Policing Services (COPS), U.S. Department of Justice.

The tool is a Microsoft Excel 2003 spreadsheet containing worksheets that guides you through a detailed assessment of your agency’s IT system in three categories:ManagementOrganizational, and Technicaland a fourth category, State and Local Law Enforcement-Specific IT Security Controls, which assists with recording information on additional state and local government issues.

The Assessment Tool allows your policy development team to walk through the process and record their answers in one location. It—

  • offers a simple and concise methodology by which to assess your systems and their potential risk
  • gives a graphical view of the systems assessed and their current status, based on the team’s input

Because of the graphical nature of the tool, it is immediately obvious where important issues need to be addressed. The answers can give managers a roadmap to their response to the risk and offer guidance on funding requirements for their systems. 


Detailed description of Assessment Tool
SEARCH IT Security Self- and Risk-Assessment Tool

tech-guide-itsecurityThe IT Security Tech Guide provides strategies, best practices, recommendations, and ideas for developing and implementing IT security policies. It offers a straightforward approach to help law enforcement agencies through an often complex process and provides a framework to gauge the performance and effectiveness of these policies.

Karen Lissy

Ms. Karen Lissy is a Justice Information Services Specialist for the Law and Policy Program of SEARCH, The National Consortium for Justice Information and Statistics. In this position, she provides assistance to state and local justice and public safety agencies to collect, curate, and use National Incident-Based Reporting System (NIBRS) data and computerized criminal history record (CCH/CHRI) information for policy analysis and development.

She also guides justice and related organizations in how to craft and implement laws, policies, practices, and technology applications to effectively collect and use CCH and related justice/public safety data; address legal, policy, and regulatory issues associated with CCH data; better manage and operate criminal justice information and identification systems; and develop security and privacy policies that protect justice information sharing systems.

Ms. Lissy has nearly two decades of research and data analysis experience, having led projects and tasks in support of two agencies within the U.S. Department of Justice’s Office of Justice Programs (the Bureau of Justice Statistics and National Institute of Justice), as well as the Centers of Disease Control and Prevention, and multiple foundations, including Ford, Annie E. Casey, and Hewlett. Prior to joining SEARCH in October 2020, Ms. Lissy served as a Social Science Researcher at RTI International, as a regional Crime Analyst for the Redmond (WA) Police Department, and as Director of a research program with the Harvard Center for Risk Analysis. Beginning in 2012, Ms. Lissy’s work has focused on improving data in law enforcement to answer policy questions and improve community/police relations.

Ms. Lissy earned a Bachelor’s degree in Public Policy from Duke University, and a Master’s in Public Health from the University of North Carolina at Chapel Hill.