-
Research
and Publications
Current Issue
March/April 2013
EDUCAUSE ReviewPublications
-
Conferences
and Events
Annual Conference
October 15–18, 2013
Save the date!Events for all Levels and Interests
Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.
-
Career
Development
EDUCAUSE Institute
Leadership/Management Programs
Explore MoreCareer Center
Leadership and Management Programs
EDUCAUSE Institute
Advanced Programs
Project Management
Jump Start Your Career Growth
Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.
-
Focus Areas
and InitiativesLatest Topics
EDUCAUSE organizes its efforts around three IT Focus Areas
Join These Programs If Your Focus Is
-
Connect
and ContributeFind Others
Get on the Higher Ed IT Map
Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
-
About
EDUCAUSE
Filter by type
Filter by Publications
Filter by Presentations
Filter by Library Taxonomy
- Information Technology Management and Leadership [x]
- Security Awareness [x]
- Security Risk Assessment and Analysis [x]
- Cybersecurity (5)
- Security Management (5)
- Security Implementation (3)
- Information Systems and Services (2)
- Policy and Law (2)
- Risk Management (2)
- Security Planning (2)
- CIO (1)
- Cloud Computing (1)
- Identity and Access Management (1)
- Intellectual Property (1)
- Networking and Emerging Technologies (1)
- Open Source (1)
- Planning (1)
- Privacy (1)
- SaaS (1)
- Strategic Planning (1)
Resources Developed by the Higher Education Information Security Council (HEISC)
- Information Security Governance
- Information Security Governance Assessment Tool
- Information Security Risk Assessment Consultants List
- Information Security Risk Assessment Sample RFPs
- Risk Assessment Tools
- Risk Management Framework
Risk Analysis and Security Evaluation Tools
- Electronic Risk and Requirements Assessment (E-RA)
- CCTA (Central Computer and Telecommunications Agency) Risk Analysis and Management Method (CRAMM)
- Control Objectives for Information and related Technology (COBIT)
- NIST Recommended Security and Privacy Controls for Federal Information Systems and Organizations (SP 800-53)
- NIST's "An Overview of Issues in Testing Intrusion Detection Systems"
- Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVE)
- Security Targeting and Analysis of Risks (STAR)
Updated October 2012
Library Items on this Topic
EDUCAUSE Library Items for Security Risk Assessment and Analysis
-
Software-as-a-Service Email Security: Risk vs. Trust
-
May 31, 2012
Many organizations would be interested in treating e-mail as a commodity —cutting costs and resource investments by outsourcing it to a software as a service (SaaS) provider. However, …
-
Georgia State University's IT Procurement Review Process--Practical Approach to Assessing Risks of IT Projects
-
March 17, 2011
In late 2005, the Security Review Policy was adopted by the University, which states "Where appropriate, information security personnel will conduct risk assessments of technologies/processe…
-
Developing a University Systemwide Information Security Roadmap
-
April 11, 2007
|
A session at the Security 2007
Developing and implementing a common set of baseline information security practices across all the campuses of a very large state university system can be a daunting undertaking. This presentation …
-
RINGS Open Source Device Registration and Security
-
March 14, 2006
|
A session at the EDUCAUSE Midwest Regional Conference 2006
RINGS provides a complete open source system that scales to the entire campus. This system includes layered security, DHCP services, device registration, account management, security notifications,…
-
Information Security Governance Assessment Tool
-
January 1, 2004
The Information Security Governance (ISG) Assessment Tool is intended to help institutions of higher education determine the degree to which they have implemented an ISG Framework at the strategi…
