-
Research
and Publications
Current Issue
March/April 2013
EDUCAUSE ReviewPublications
-
Conferences
and Events
Annual Conference
October 15–18, 2013
Save the date!Events for all Levels and Interests
Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.
-
Career
Development
EDUCAUSE Institute
Leadership/Management Programs
Explore MoreCareer Center
Leadership and Management Programs
EDUCAUSE Institute
Advanced Programs
Project Management
Jump Start Your Career Growth
Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.
-
Focus Areas
and InitiativesLatest Topics
EDUCAUSE organizes its efforts around three IT Focus Areas
Join These Programs If Your Focus Is
-
Connect
and ContributeFind Others
Get on the Higher Ed IT Map
Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
-
About
EDUCAUSE
Filter by type
- Podcasts (6)
- Blogs (5)
- Articles, Briefs, Papers, and Reports (46)
- Blogs and Wikis (2)
- Certification, Education, Training and Tutorials (3)
- Effective Practices (7)
- Government Documents, Laws, Testimonies or Reports (2)
- Plans and Guidelines (7)
- Policies and Procedures (1)
- Presentations and Seminars (95)
- Programs and Projects (1)
- RFPs (1)
- Surveys (2)
- Tools (8)
- Vendors (1)
Filter by Publications
Filter by Presentations
Filter by Library Taxonomy
- Security Risk Assessment and Analysis [x]
- Cybersecurity (188)
- Security Management (188)
- Information Technology Management and Leadership (76)
- Policy and Law (57)
- Network Security and Applications (47)
- Risk Management (40)
- Data Security (38)
- Campus Policy and Law (37)
- Campus Policies (36)
- Security Planning (34)
- Security Policies (34)
- Security Awareness (30)
- Incident Handling and Response (28)
- Federal Policy and Law (27)
- Identity and Access Management (22)
- Security Implementation (20)
- Cybersecurity Policy (15)
- Network Vulnerability Assessment (14)
- Planning (13)
Resources Developed by the Higher Education Information Security Council (HEISC)
- Information Security Governance
- Information Security Governance Assessment Tool
- Information Security Risk Assessment Consultants List
- Information Security Risk Assessment Sample RFPs
- Risk Assessment Tools
- Risk Management Framework
Risk Analysis and Security Evaluation Tools
- Electronic Risk and Requirements Assessment (E-RA)
- CCTA (Central Computer and Telecommunications Agency) Risk Analysis and Management Method (CRAMM)
- Control Objectives for Information and related Technology (COBIT)
- NIST Recommended Security and Privacy Controls for Federal Information Systems and Organizations (SP 800-53)
- NIST's "An Overview of Issues in Testing Intrusion Detection Systems"
- Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVE)
- Security Targeting and Analysis of Risks (STAR)
Updated October 2012
Library Items on this Topic
EDUCAUSE Library Items for Security Risk Assessment and Analysis
-
Performing Risk Analysis and Testing: Outsource or In-House? A Towson University Case Study
-
January 7, 2009
|
A session at the EDUCAUSE Mid-Atlantic Regional Conference 2009
To ensure that institutional systems are secure and meet payment card industry requirements, managers must perform regular risk tests on various systems across campus. When we lost our security eng…
-
Compliance Assessment Template
-
September 24, 2008
This sample Harvard University questionnaire is designed to assist people in understanding if the setup and operation of their systems are in compliance with the Harvard Enterprise Information …
-
Information Technology Security Risk Management (ITS-RM) Program
-
December 12, 2008
This is the University of Virginia's ITC’s Information Technology Security Risk Management (ITS-RM) Program, which is intended to provide University departments with the information and to…
-
Security and Privacy Lightning Round
-
October 30, 2008
|
A session at the EDUCAUSE 2008 Annual Conference
Authenticated Guest Wireless Access: Simplicity and Security Christopher Keslar, University of Pittsburgh The need for guest access is growing as more campuses provide wireless coverage. Th…
-
Implementing Information Security Governance Using ISO 27000
-
March 17, 2011
GSU's CIO sponsored the ISO 27001 certification initiative at Georgia State University in mid 2007 and the Information Security Department and Office of Disbursements were the first GSU depa…
-
Georgia State University's IT Procurement Review Process--Practical Approach to Assessing Risks of IT Projects
-
March 17, 2011
In late 2005, the Security Review Policy was adopted by the University, which states "Where appropriate, information security personnel will conduct risk assessments of technologies/processe…
-
Whole Disk Encryption Evaluation and Deployment
-
October 2, 2008
Baylor University has spent two years working on a large-scale deployment of whole-disk encryption. Baylor University has spent two years working…
-
Security Task Force 2008–2009 Strategic Plan: Safeguarding Our IT Assets, Protecting Our Community’s Privacy
-
September 3, 2008
The EDUCAUSE/Internet2 Computer and Network Security Task Force (STF) provides a focal point for the academic community to join together to strengthen the ability of the higher education sector t…
-
Information Security Governance: Standardizing the Practice of Information Security
-
August 19, 2008
This ECAR research bulletin discusses the trend to use a variety of risk assessment frameworks and standards to create an information security program that is sufficiently comprehensive for colle…
-
Information Sharing for IT Security Professionals
-
August 4, 2008
© 2008 Rodney J. Petersen. The text of this article is licensed under the Creative Commons Attribution-NonCommercial-No Derivative Works 3.0 license ( http://creativecommons.org/licenses/by-nc-…
