This report discusses the development of information governance policy for UEH along with risk assessment methodologies and strategy in order to implement strong information governance for Blackbaud. It also highlights cyber security threats and steps to evade them, information security management system, information assets to be considered for risk analysis, and importance of information system in organization.