-
Research
and Publications
Current Issue
March/April 2013
EDUCAUSE ReviewPublications
-
Conferences
and Events
Annual Conference
October 15–18, 2013
Save the date!Events for all Levels and Interests
Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.
-
Career
Development
EDUCAUSE Institute
Leadership/Management Programs
Explore MoreCareer Center
Leadership and Management Programs
EDUCAUSE Institute
Advanced Programs
Project Management
Jump Start Your Career Growth
Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.
-
Focus Areas
and InitiativesLatest Topics
EDUCAUSE organizes its efforts around three IT Focus Areas
Join These Programs If Your Focus Is
-
Connect
and ContributeFind Others
Get on the Higher Ed IT Map
Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
-
About
EDUCAUSE
Filter by type
Filter by Presentations
Filter by Library Taxonomy
- Security Risk Assessment and Analysis [x]
- Cybersecurity (9)
- Security Management (9)
- Network Security and Applications (3)
- Campus Policies (2)
- Campus Policy and Law (2)
- Policy and Law (2)
- Security Planning (2)
- Security Policies (2)
- Authentication (1)
- Authorization (1)
- Federal Policy and Law (1)
- Identity and Access Management (1)
- Information Systems and Services (1)
- Information Technology Management and Leadership (1)
- Network Vulnerability Assessment (1)
- Risk Management (1)
- Security Architecture (1)
- Security Awareness (1)
- Security Implementation (1)
Resources Developed by the Higher Education Information Security Council (HEISC)
- Information Security Governance
- Information Security Governance Assessment Tool
- Information Security Risk Assessment Consultants List
- Information Security Risk Assessment Sample RFPs
- Risk Assessment Tools
- Risk Management Framework
Risk Analysis and Security Evaluation Tools
- Electronic Risk and Requirements Assessment (E-RA)
- CCTA (Central Computer and Telecommunications Agency) Risk Analysis and Management Method (CRAMM)
- Control Objectives for Information and related Technology (COBIT)
- NIST Recommended Security and Privacy Controls for Federal Information Systems and Organizations (SP 800-53)
- NIST's "An Overview of Issues in Testing Intrusion Detection Systems"
- Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVE)
- Security Targeting and Analysis of Risks (STAR)
Updated October 2012
Library Items on this Topic
EDUCAUSE Library Items for Security Risk Assessment and Analysis
-
The Journey to a Successful Risk Assessment: One Strategy Unveiled
-
February 19, 2010
|
A session at the EDUCAUSE Southwest Regional Conference 2010
A sound risk assessment process is one of the building blocks of a maturing information security program. Join the IT Security Team from Texas State University as they reveal the process and proced…
-
Building and Assessing an Information Security Program
-
February 18, 2010
|
A session at the EDUCAUSE Southwest Regional Conference 2010
Given continually increasing threats, constant additions to government regulations, and rising costs, every institution must address information security. An effective information security program …
-
PKI and LOA: It's Probably Not What You Think
-
April 17, 2008
A level of assurance (LoA) refers to the degree of certainty that (1) a resource owner can assume a specific known physical person is associated with credentials issued by a registration authority,…
-
Appropriate Access: Levels of Assurance
-
February 14, 2008
A level of assurance (LoA) refers to the degree of certainty that (1) a resource owner has that a person's physical self has been adequately verified before credentials are issued by a registr…
-
Are Security and Quality Assurance Part of Your Software Development Life Cycle?
-
April 25, 2006
|
A session at the EDUCAUSE Western Regional Conference 2006
Three out of four vendor or homegrown Web applications have high-risk bugs or security vulnerabilities. This presentation will demonstrate simple but deadly techniques that allow hackers to access …
-
Credentialing, Levels of Assurance, and Risk: What's Good Enough?
-
February 9, 2006
Institutions have finite resources and must draw the line somewhere for what's secure enough. This session will discuss using the process of risk assessments to determine the level of credenti…
-
Citadel Security Software - Are You Vulnerable?
-
April 27, 2005
|
A session at the EDUCAUSE Western Regional Conference 2005
This presentation introduces a best-practices approach to implementing a full life-cycle vulnerability management process to ensure the highest level of security and policy compliance on campus. At…
-
Responding to the Changing Security Landscape: It's a New World!
-
January 1, 2004
Some observers believe that the Internet will never be the same. This presentation will focus on many of the changes colleges and universities are making to respond to escalating threats to their i…
-
Panel Discussion Security—Defending Your Customers from Themselves
-
January 1, 2004
The threat level to your network is on the rise. The sophistication of security threats is increasing faster than the skill levels of your customers. The panel will discuss technologies and techniq…
