-
Research
and Publications
Current Issue
March/April 2013
EDUCAUSE ReviewPublications
-
Conferences
and Events
Annual Conference
October 15–18, 2013
Save the date!Events for all Levels and Interests
Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.
-
Career
Development
EDUCAUSE Institute
Leadership/Management Programs
Explore MoreCareer Center
Leadership and Management Programs
EDUCAUSE Institute
Advanced Programs
Project Management
Jump Start Your Career Growth
Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.
-
Focus Areas
and InitiativesLatest Topics
EDUCAUSE organizes its efforts around three IT Focus Areas
Join These Programs If Your Focus Is
-
Connect
and ContributeFind Others
Get on the Higher Ed IT Map
Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
-
About
EDUCAUSE
Filter by type
- Articles, Briefs, Papers, and Reports [x]
Filter by Publications
Filter by Library Taxonomy
- Identity and Access Management [x]
- Security Risk Assessment and Analysis [x]
- Cybersecurity (12)
- Security Management (12)
- Policy and Law (8)
- Information Technology Management and Leadership (7)
- Network Security and Applications (7)
- Campus Policies (6)
- Campus Policy and Law (6)
- Security Policies (6)
- Authentication (4)
- Authorization (4)
- Data Security (4)
- Firewalls (4)
- Single Sign On (SSO) (4)
- Institutional Management (3)
- IT Governance (2)
- Information Systems and Services (2)
- Networking and Emerging Technologies (2)
- Privacy (2)
Resources Developed by the Higher Education Information Security Council (HEISC)
- Information Security Governance
- Information Security Governance Assessment Tool
- Information Security Risk Assessment Consultants List
- Information Security Risk Assessment Sample RFPs
- Risk Assessment Tools
- Risk Management Framework
Risk Analysis and Security Evaluation Tools
- Electronic Risk and Requirements Assessment (E-RA)
- CCTA (Central Computer and Telecommunications Agency) Risk Analysis and Management Method (CRAMM)
- Control Objectives for Information and related Technology (COBIT)
- NIST Recommended Security and Privacy Controls for Federal Information Systems and Organizations (SP 800-53)
- NIST's "An Overview of Issues in Testing Intrusion Detection Systems"
- Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVE)
- Security Targeting and Analysis of Risks (STAR)
Updated October 2012
Library Items on this Topic
EDUCAUSE Library Items for Security Risk Assessment and Analysis
-
An Incremental Approach to Building an Information Security Program
-
April 1, 2013
Key Takeaways Constraints such as tight budgets, increased responsibilities, lack of resources or incentive, and disagreement on a common approach to information security pose ch…
-
Can Big Data Help Universities Tackle Security, BYOD?
-
July 31, 2012
Universities have some of the most complex IT infrastructures around, and BYOD is a reality they can't escape. Chief Security Officers at universities are increasingly turning to Big Data an…
-
Software-as-a-Service Email Security: Risk vs. Trust
-
May 31, 2012
Many organizations would be interested in treating e-mail as a commodity —cutting costs and resource investments by outsourcing it to a software as a service (SaaS) provider. However, …
-
Guide to Enterprise Telework and Remote Access Security (SP 800-46 Revision 1)
-
June 4, 2009
Many organizations’ employees and contractors use enterprise telework technologies to perform work from external locations. Most teleworkers use remote access technologies to interface with an…
-
The Career of the IT Security Officer in Higher Education
-
July 1, 2009
This ECAR occasional paper reports the result of a study designed to understand and document the attributes and responsibilities of the relatively new role of information security officer in high…
-
Most Improved: How Four Institutions Developed Successful IT Security Programs
-
November 3, 2006
Researchers conducted this in-depth case study to complement the ECAR study, Safeguarding the Tower: IT Security in Higher Education 2006. The case study examines how four higher education instit…
-
Safeguarding the Tower: IT Security in Higher Education 2006 – Key Findings
-
October 12, 2006
This document presents the key findings of the ECAR study, Safeguarding the Tower: IT Security in Higher Education 2006. When ECAR studied IT security in 2003, we discovered that despite efforts …
-
Safeguarding the Tower: IT Security in Higher Education 2006 Roadmap
-
October 12, 2006
This roadmap synthesizes the important issues and recommended actions drawn from the ECAR study, Safeguarding the Tower: IT Security in Higher Education 2006. When ECAR studied IT security in 200…
-
Safeguarding the Tower: IT Security in Higher Education 2006
-
October 12, 2006
Abstract When ECAR studied IT security in 2003, we discovered that despite efforts to develop a secure IT infrastructure in higher education, uneven management awareness and a culture that e…
-
Current IT Issues Survey Report, 2006
-
January 1, 2006
Current Issues Current IT Issues Survey Report, 2006 Security and Identity Management edges out Funding IT as the top strategic challenge, while Disaster Recovery/Business Continuity reemer…
