Main Nav

ECAR publications range from short, timely research bulletins to major research reports. See descriptions of ECAR research publications. >

Search results

Showing 1 - 10 of 17 Results

Sort by:

Information Security Governance: Standardizing the Practice of Information Security
August 19, 2008

This ECAR research bulletin discusses the trend to use a variety of risk assessment frameworks and standards to create an information security program that is sufficiently comprehensive for colle…

IT Security Officer Survey
April 9, 2008

This April 2008 survey is a critical component of the EDUCAUSE Center on Applied Research (ECAR) study of information security officers in higher education. It seeks to understand the important c…

Managing IT Risk in Higher Education: A Methodology
March 18, 2008

This research bulletin presents a methodology, used successfully at the University of Technology, Sydney (UTS) in Australia, for managing and assessing risks related to information technology sys…

Most Improved: How Four Institutions Developed Successful IT Security Programs
November 3, 2006

Researchers conducted this in-depth case study to complement the ECAR study, Safeguarding the Tower: IT Security in Higher Education 2006. The case study examines how four higher education instit…

The Virginia Alliance for Secure Computing and Networking (VA SCAN): A Statewide Collaborative IT Security Resource
October 17, 2006

This case study examines ways in which the Virginia Alliance for Secure Computing and Networking (VA SCAN) provides a blueprint for higher education institutions interested in collaboratively pro…

Safeguarding the Tower: IT Security in Higher Education 2006
October 11, 2006

Presentation at EDUCAUSE 2006, October 9-12, 2006, Dallas, Texas. This presentation summarizes the findings of the EDUCAUSE Center for Analysis and Research 2006 study of information technology s…

Baylor University's IT Security Risk Assessment Program
October 12, 2006

This case study examines Baylor University's risk assessment program for information technology security, which was established in the face of the escalating demands that security places on …

Campus IT Security: Governance, Strategy, Policy, and Enforcement
August 15, 2006

Successful implementation of an effective information, data, and system "security blanket" for higher education institutions requires recognition of and action upon the cultural, politi…

Making Business Sense of Information Security
March 21, 2006

A well-managed security program starts at the top and must provide strong governance, business risk management, auditing, and control processes. This Burton Group study proposes a security techn…

A Systematic, Comprehensive Approach to Information Security
July 6, 2005

Information security is a process of business risk management that must be performed on an ongoing basis. It is critical to take an approach to information security that examines the risks and s…