Security Planning

EDUCAUSE Library Items for Security Planning

Information Security Program Assessment Tool

April 15, 2013

This self-assessment tool was created to evaluate the maturity of higher education information security programs using as a framework the International Organization for Standardization (ISO) 2700…

The Journey to a Successful Risk Assessment: One Strategy Unveiled

February 19, 2010 | A session at the EDUCAUSE Southwest Regional Conference 2010

A sound risk assessment process is one of the building blocks of a maturing information security program. Join the IT Security Team from Texas State University as they reveal the process and proced…

GSU's Roadmap for a World-Class Information Security Management System: ISO 27001:2005

October 24, 2007 | A session at the EDUCAUSE 2007 Annual Conference

Georgia State University is one of the first universities to embrace the ISO 27001:2005 standard for establishing an information security management system (ISMS). A systematic and disciplined appr…

Developing a University Systemwide Information Security Roadmap

April 11, 2007 | A session at the Security 2007

Developing and implementing a common set of baseline information security practices across all the campuses of a very large state university system can be a daunting undertaking. This presentation …

Seminar 3P - A Blueprint for Handling Sensitive Data: Security, Privacy, and Other Considerations PLEASE NOTE: Separate registration and fee are required to attend this seminar.

March 19, 2007 | A session at the NERCOMP Annual Conference 2007

Information security risks at colleges and universities present challenging legal, policy, technical, and operational issues. According to a recent study by the EDUCAUSE Center for Applied Researc…

A Blueprint for Handling Sensitive Data: Security, Privacy, and Other Considerations

January 1, 2007

Information security risks at colleges and universities present challenging legal, policy, technical, and operational issues. According to a recent study by the EDUCAUSE Center for Applied Research…

Seminar 09F - Effective IT Security Practices PLEASE NOTE: Separate registration and fee is required to attend this seminar.

October 9, 2006 | A session at the EDUCAUSE 2006 Annual Conference

IT security is a critical issue in higher education. This seminar will focus on network security architectures, infrastructure, data security, incident detection, prevention, and response. A framew…

A Unified Approach to Information Security Compliance

January 1, 2006

© 2006 M. Peter Adler EDUCAUSE Review, vol. 41, no. 5 (September/October 2006): 46–61 M. Peter Adler, JD, LLM, CISSP, CIPP, is the President of Adler InfoSec & Privacy Group LLC …

Defend IT: Security by Example - Book Review

January 1, 2005

Recommended Reading Defend IT: Security by Example Ajay Gupta and Scott Laliberte Addison Wesley Professional, 2004 $34.99 (paper), 384 pp. ISBN 0-321-19767-4  …

A Systematic, Comprehensive Approach to Information Security

July 6, 2005

Information security is a process of business risk management that must be performed on an ongoing basis. It is critical to take an approach to information security that examines the risks and s…