-
Research
and Publications
Current Issue
March/April 2013
EDUCAUSE ReviewPublications
-
Conferences
and Events
Annual Conference
October 15–18, 2013
Save the date!Events for all Levels and Interests
Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.
-
Career
Development
EDUCAUSE Institute
Leadership/Management Programs
Explore MoreCareer Center
Leadership and Management Programs
EDUCAUSE Institute
Advanced Programs
Project Management
Jump Start Your Career Growth
Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.
-
Focus Areas
and InitiativesLatest Topics
EDUCAUSE organizes its efforts around three IT Focus Areas
Join These Programs If Your Focus Is
-
Connect
and ContributeFind Others
Get on the Higher Ed IT Map
Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
-
About
EDUCAUSE
Filter by type
- Podcasts (3)
- Blogs (1)
- Articles, Briefs, Papers, and Reports (22)
- Certification, Education, Training and Tutorials (1)
- Effective Practices (1)
- Government Documents, Laws, Testimonies or Reports (1)
- Plans and Guidelines (4)
- Presentations and Seminars (36)
- Programs and Projects (1)
- Surveys (2)
- Tools (6)
- Vendors (1)
Filter by Publications
Filter by Presentations
Filter by Library Taxonomy
- Information Technology Management and Leadership [x]
- Security Risk Assessment and Analysis [x]
- Cybersecurity (79)
- Security Management (79)
- Risk Management (42)
- Policy and Law (21)
- Security Planning (16)
- Data Security (15)
- Campus Policy and Law (14)
- Planning (14)
- Campus Policies (13)
- Security Policies (13)
- Identity and Access Management (11)
- Federal Policy and Law (10)
- Incident Handling and Response (8)
- Institutional Management (8)
- Security Implementation (8)
- Network Security and Applications (7)
- Business Continuity (6)
- Information Systems and Services (6)
Resources Developed by the Higher Education Information Security Council (HEISC)
- Information Security Governance
- Information Security Governance Assessment Tool
- Information Security Risk Assessment Consultants List
- Information Security Risk Assessment Sample RFPs
- Risk Assessment Tools
- Risk Management Framework
Risk Analysis and Security Evaluation Tools
- Electronic Risk and Requirements Assessment (E-RA)
- CCTA (Central Computer and Telecommunications Agency) Risk Analysis and Management Method (CRAMM)
- Control Objectives for Information and related Technology (COBIT)
- NIST Recommended Security and Privacy Controls for Federal Information Systems and Organizations (SP 800-53)
- NIST's "An Overview of Issues in Testing Intrusion Detection Systems"
- Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVE)
- Security Targeting and Analysis of Risks (STAR)
Updated October 2012
Library Items on this Topic
EDUCAUSE Library Items for Security Risk Assessment and Analysis
-
Information Systems Under Attack: Managing Enterprise Risk
-
February 22, 2007
Today's enterprise information systems are increasingly coming under attack by sophisticated adversaries around the world including nation-states, terrorist organizations, criminals, hackers, …
-
Most Improved: How Four Institutions Developed Successful IT Security Programs
-
November 3, 2006
Researchers conducted this in-depth case study to complement the ECAR study, Safeguarding the Tower: IT Security in Higher Education 2006. The case study examines how four higher education instit…
-
Safeguarding the Tower: IT Security in Higher Education 2006
-
October 11, 2006
Presentation at EDUCAUSE 2006, October 9-12, 2006, Dallas, Texas. This presentation summarizes the findings of the EDUCAUSE Center for Applied Research 2006 study of information technology securi…
-
Going Beyond Recovery to Continuity: Lessons Learned
-
January 1, 2006
The main campus of The George Washington University is located just a few blocks from the White House. The series of events surrounding 9/11 helped to accelerate advancement of a university-wide …
-
Defend IT: Security by Example - Book Review
-
January 1, 2005
Recommended Reading Defend IT: Security by Example Ajay Gupta and Scott Laliberte Addison Wesley Professional, 2004 $34.99 (paper), 384 pp. ISBN 0-321-19767-4 …
-
Two Approaches to PCI DSS Compliance
-
April 11, 2006
|
A session at the Security 2006
The Payment Card Industry Data Security Standard (PCI DSS) poses a unique challenge to institutions of higher education, which often host many diverse credit/debit card merchants on our campuses. L…
-
Security Assessments in an Academic Environment
-
April 11, 2006
|
A session at the Security 2006
Baylor University recently conducted a campus-wide IT security assessment. This session presents the process from choosing a consultant to remediation of the assessments discoveries. The result is …
-
Current IT Issues Survey Report, 2006
-
January 1, 2006
Current Issues Current IT Issues Survey Report, 2006 Security and Identity Management edges out Funding IT as the top strategic challenge, while Disaster Recovery/Business Continuity reemer…
-
RINGS Open Source Device Registration and Security
-
March 14, 2006
|
A session at the EDUCAUSE Midwest Regional Conference 2006
RINGS provides a complete open source system that scales to the entire campus. This system includes layered security, DHCP services, device registration, account management, security notifications,…
-
Risk Assessment 101
-
March 13, 2006
|
A session at the EDUCAUSE Midwest Regional Conference 2006
Have you examined how to physically protect your data? With federal requirements imposed such as GLBA, FERPA, and HIPAA and threats of identity theft, where do you start? Learn where we began by as…
