Risk Assessment Methodology for Software Stacks

Aims to provide a risk assessment framework for software stacks

In the genomics community, many groups lack training in security assessments. The GA4GH Data Security Work Stream is exploring developing a policy framework on risk assessment methodology for software stacks.

Jump to...

Documents Contributors

Benefits

  • Aims to outline concrete steps to assess risk in software stacks

Target users

Data custodians, data protection authorities, and security officers


GET INVOLVED
THEME
Security/regulation/ethics
CATEGORY
Technical specification
TYPE
Technical implementation guidance
STATUS
Study Group
Work Stream
LATEST VERSION
In progress
Product Lead
  • David Bernick
Staff Contact

Community resources

Dive deeper into this product!

Currently under exploration, the Risk Assessment Methodology for Software Stacks product would offer best practices that relevant groups may use to develop their own policies. The product may consist of several parts including:

  • a how-to on assessing risk aligned to a known framework;
  • a methodology or algorithm for groups to self-service risk assessments beyond what is in the Data Security Infrastructure Policy (DSIP).


Date

Title

15 Dec 2023
Driver Project Engagement Matrix
14 Sep 2023
Code of Ethics and Community Conduct (CECC)

Don't see your name? Get in touch:

Contact Us
  • Dixie Baker
    Martin, Blanck and Associates
  • Thomas Conner
    Broad Institute of MIT and Harvard