Security Task Force Announcements, Security Risk Assessment and Analysis, and Risk Management

The Security Task Force Risk Assessment Working Group wishes to inform higher education information security practioners of a few recent resource updates which are now available from the Risk Management section of the IT Security Guide. 

The Information Security Risk Assessment Consultants list provides a listing of vendors known to have conducted some form of IS risk assessment for at least one higher education institution. The only way a vendor can get onto this list is to be placed there by an EDUCAUSE member institution that has engaged the consultant. Each entry on this list provides a link to the institution which has provided the vendor reference. The list can be a starting place for schools that are seeking a consultant; referencing institutions may be willing to provide additional information about the vendor and the consulting engagement when asked.

Learn more about George Mason University's executive enterprise risk management approach in the September 2006 University Business article, "Business Continuity Planning", by Joy R. Hughes (Security Task Force Co-Chair), et al.

The EDUCAUSE/Internet2 Security Task Force Risk Assessment Working Group has released the Risk Assessment Framework, which provides a high-level overview of assessing information systems within higher education.

View additional Security Risk Assessment and Analysis resources available in the EDUCAUSE Resource Center.