Risk Management

Recent resources tagged with Risk Management.

Georgia State University's IT Procurement Review Process--Practical Approach to Assessing Risks of IT Projects

Added by the EDUCAUSE Librarian
Title: Georgia State University's IT Procurement Review Process--Practical Approach to Assessing Risks of IT Projects (ID: EPS302)
Author(s): Tammy L. Clark (Georgia State University)
Origin: Contributed by Organizations or Campuses (10/02/2008)
Type: Effective Practices
Abstract:

In late 2005, the Security Review Policy was adopted by the University, which states "Where appropriate, information security personnel will conduct risk assessments of technologies/processes that are being evaluated and/or used at Georgia State University. The purpose of these assessments is to quantify the impact and probability of potential threats and vulnerabilities.

Podcast: Community Source Software: The Beginning of the End, or the End of the Beginning?

Created by Gerry Bayne (EDUCAUSE) on June 05, 2008

This hour and seventeen minute podcast features a panel discussion from the EDUCAUSE 2008 Enterprise Conference in Chicago. This lively discussion, "Community Source Software: The Beginning of the End, or the End of the Beginning?," includes:

Addressing Complex Security Threats Through Risk Management

Added by the EDUCAUSE Librarian
Title: Addressing Complex Security Threats Through Risk Management (ID: SEC08008)
Author(s): Rebecca Whitener (EDS)
Origin: Presented at Security Professionals Conference (05/04/2008)
Type: Presentations/Speeches
Abstract:

In this session, we will address the current cybersecurity issues that are challenging higher education leaders today as they try to stay on top of the risks associated with attacks on information systems from internal and external sources. Emerging enterprise risk management (ERM) methodologies will be examined as a source of guidance for creating an effective risk-based approach for managing current and future threats.

Podcast: Addressing Complex Security Threats Through Risk Management

Created by Gerry Bayne (EDUCAUSE) on May 16, 2008

This 40-minute podcast features a keynote address by Rebecca Whitener, Former Vice President of Enterprise Risk Management and Chief Risk Officer at EDS. Her speech, "Addressing Complex Security Threats Through Risk Management," was recorded at the EDUCAUSE 2008 Security Conference in Arlington, Virginia.

In this session, we address the current cybersecurity issues that are challenging higher education leaders today as they try to stay on top of the risks associated with attacks on information systems from internal and external sources. Emerging enterprise risk management (ERM) methodologies are examined as a source of guidance for creating an effective risk-based approach for managing current and future threats.

Building a Risk-Based Information Security Program

Added by the EDUCAUSE Librarian
Title: Building a Risk-Based Information Security Program (ID: SEC08054)
Author(s): Michael Chapple (University of Notre Dame)
Origin: Presented at Security Professionals Conference (05/04/2008)
Type: Presentations/Speeches
Abstract:

In 2005, the University of Notre Dame suffered a serious incident that brought information security into the campus spotlight. In response, we partnered with a Big Four consulting firm to conduct a comprehensive IT risk assessment. Two years later, we're halfway through a four-year risk management program.

Managing IT Risk in Higher Education: A Methodology

Added by the EDUCAUSE Librarian
Title: Managing IT Risk in Higher Education: A Methodology (ID: ERB0806)
Author(s): Ian D. Waters (University of Technology, Sydney)
Origin: Documents Contributed by ECAR, Research Bulletins (03/18/2008)
Type: Articles, Papers, and Reports
Abstract:

This research bulletin presents a methodology, used successfully at the University of Technology, Sydney (UTS) in Australia, for managing and assessing risks related to information technology systems and resources. It describes the institutional commitment, background, organizational structure, methodology, implementation, and outcomes of an institutionally inclusive risk assessment that yielded valuable results that can be applied in other colleges and universities.

Citation for this work: Waters, Ian. “Managing IT Risk in Higher Education: A Methodology” (Research Bulletin, Issue 6). Boulder, CO: EDUCAUSE Center for Applied Research, 2008, available from http://www.educause.edu/ecar.

This publication is currently password protected. All faculty, staff, and students from institutions that have subscribed to ECAR at the ECAR Participating, Comprehensive Content, Corporate, and Research Bulletins Package levels are authorized to access this publication by using their EDUCAUSE personal profile.

Information Risk Management Policy Template

Added by the EDUCAUSE Librarian
Title: Information Risk Management Policy Template (ID: CSD5368)
Origin: Contributed by the Security Task Force (03/17/2008)
Type: Plans and Guidelines
Abstract:

The purpose of this policy template is to ensure that risks to University information are identified, analyzed, and managed so that they are maintained at acceptable levels. Risks to the confidentiality, integrity, and availability of university information are considered.

Information Security Risk Assessment Consultants List

Added by the EDUCAUSE Librarian
Title: Information Security Risk Assessment Consultants List (ID: CSD5366)
Origin: Contributed by the Security Task Force (03/14/2008)
Type: Vendors
Abstract:

The Risk Assessment Consultants List is intended as an aid to schools seeking a place to start looking for risk assessment vendors. It provides links to referencing institutions which may be able to provide additional information regarding specific consulting engagements. Note: The only way a vendor can get onto this list is to be placed there by an EDUCAUSE member institution that has engaged the consultant.

New Risk Assessment Resources Available

Created by Valerie M. Vogel (EDUCAUSE) on March 14, 2008

The Security Task Force Risk Assessment Working Group wishes to inform higher education information security practitioners of a few recent resource updates which are now available from the Risk Management section of the IT Security Guide.

The Information Security Risk Assessment Consultants list provides a listing of vendors known to have conducted some form of IS risk assessment for at least one higher education institution. The only way a vendor can get onto this list is to be placed there by an EDUCAUSE member institution that has engaged the consultant. Each entry on this list provides a link to the institution which has provided the vendor reference. The list can be a starting place for schools that are seeking a consultant; referencing institutions may be willing to provide additional information about the vendor and the consulting engagement when asked.

Risk Assessment Tools List

Added by the EDUCAUSE Librarian
Title: Risk Assessment Tools List (ID: CSD5365)
Origin: Contributed by the Security Task Force (03/14/2008)
Type: Tools
Abstract:

The Security Task Force Risk Assessment Working Group has developed this list of Risk Assessment tools which can aid with a risk assessment. The tools are a mix of some sold or licensed by vendors, some provided by colleague institutions, and some from associations or standards groups. This list does not contain any comparative or value judgment information regarding the tools. It merely provides the list as a starting point for the product-seeking process.
