-
Research
and Publications
Current Issue
March/April 2013
EDUCAUSE ReviewPublications
-
Conferences
and Events
Annual Conference
October 15–18, 2013
Save the date!Events for all Levels and Interests
Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.
-
Career
Development
EDUCAUSE Institute
Leadership/Management Programs
Explore MoreCareer Center
Leadership and Management Programs
EDUCAUSE Institute
Advanced Programs
Project Management
Jump Start Your Career Growth
Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.
-
Focus Areas
and InitiativesLatest Topics
EDUCAUSE organizes its efforts around three IT Focus Areas
Join These Programs If Your Focus Is
-
Connect
and ContributeFind Others
Get on the Higher Ed IT Map
Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
-
About
EDUCAUSE
Filter by type
Filter by Presentations
- Annual Conferences [x]
Filter by Library Taxonomy
- Security Risk Assessment and Analysis [x]
- Cybersecurity (16)
- Security Management (16)
- Network Security and Applications (7)
- Information Technology Management and Leadership (6)
- Policy and Law (6)
- Campus Policies (5)
- Campus Policy and Law (5)
- Risk Management (5)
- Security Policies (5)
- Data Security (3)
- Identity and Access Management (3)
- Privacy (3)
- Security Implementation (3)
- Security Planning (3)
- Authentication (2)
- Incident Handling and Response (2)
- Intrusion Detection and Prevention (2)
- Authorization (1)
- Institutional Management (1)
Resources Developed by the Higher Education Information Security Council (HEISC)
- Information Security Governance
- Information Security Governance Assessment Tool
- Information Security Risk Assessment Consultants List
- Information Security Risk Assessment Sample RFPs
- Risk Assessment Tools
- Risk Management Framework
Risk Analysis and Security Evaluation Tools
- Electronic Risk and Requirements Assessment (E-RA)
- CCTA (Central Computer and Telecommunications Agency) Risk Analysis and Management Method (CRAMM)
- Control Objectives for Information and related Technology (COBIT)
- NIST Recommended Security and Privacy Controls for Federal Information Systems and Organizations (SP 800-53)
- NIST's "An Overview of Issues in Testing Intrusion Detection Systems"
- Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVE)
- Security Targeting and Analysis of Risks (STAR)
Updated October 2012
Library Items on this Topic
EDUCAUSE Library Items for Security Risk Assessment and Analysis
-
A Successful Tool to Create Positive Change: Result of an IT Risk Assessment and Benchmark at Scandinavian Universities
-
October 21, 2005
|
A session at the EDUCAUSE 2005 Annual Conference
Current cost pressures, technology changes, and new requirements meant that changes were needed in the way IT was managed at Scandinavian universities. This session will present results from an IT …
-
Centralizing IT Risk Assessment and Measuring Security Policy Compliance
-
October 20, 2004
|
A session at the EDUCAUSE 2004 Annual Conference
In a decentralized environment, centralizing the periodic risk assessment process offers many advantages, including the ability to derive a composite view of the institutional risks and highlight s…
-
Defining Risk and Fixing the Top 20: Security 101 for a Small School
-
January 1, 2003
What are the security issues for a small school with small budgets? Am I a target if I'm a small school with a low profile? Basic security rules and policies should be implemented at any schoo…
-
GSU's Roadmap for a World-Class Information Security Management System: ISO 27001:2005
-
October 24, 2007
|
A session at the EDUCAUSE 2007 Annual Conference
Georgia State University is one of the first universities to embrace the ISO 27001:2005 standard for establishing an information security management system (ISMS). A systematic and disciplined appr…
-
IdM/IAM and Remote Student Services: Risk Assessment and Identity Management Practices
-
October 15, 2010
|
A session at the EDUCAUSE 2010 Annual Conference
Most campuses offer personalized remote services; some are considering remote identity proofing practices to support higher security access, but all must assess the institutional risk and level of …
-
Information Security Risk Evaluation for Colleges and Universities
-
January 1, 2003
Carnegie Mellon University provides a security risk-management methodology that can be tailored easily to meet the demands of the National Strategy to Secure Cyberspace for higher education. Using …
-
IT Security in Higher Education: A Sea Change
-
October 11, 2006
|
A session at the EDUCAUSE 2006 Annual Conference
ECAR data from 2003 and 2005 make it possible to compare the state of IT security over a critical two-year period. The findings from this analysis are striking, revealing an organizational, technol…
-
Lassoing the Beast: How a Large, Diverse University Is Wrapping Its Arms Around Confidential Data
-
October 26, 2007
|
A session at the EDUCAUSE 2007 Annual Conference
Penn designed the security and privacy impact assessment (SPIA) process and tool to raise awareness about where confidential data reside and to assess risks in seven major threat areas, which can b…
-
Practical Approaches to Effective Risk Management
-
October 20, 2011
|
A session at the EDUCAUSE 2011 Annual Conference
Make the transition from a reactive to proactive security program. Most security experts agree that risk management is fundamental to effective information security. In this interactive seminar, le…
-
Security and Privacy Lightning Round
-
October 30, 2008
|
A session at the EDUCAUSE 2008 Annual Conference
Authenticated Guest Wireless Access: Simplicity and Security Christopher Keslar, University of Pittsburgh The need for guest access is growing as more campuses provide wireless coverage. Th…
