The Security Task Force Risk Assessment Working Group wishes to inform higher education information security practioners of a few recent resource updates which are now available from the Risk Management section of the IT Security Guide.
The Information Security Risk Assessment Consultants list provides a listing of vendors known to have conducted some form of IS risk assessment for at least one higher education institution. The only way a vendor can get onto this list is to be placed there by an EDUCAUSE member institution that has engaged the consultant. Each entry on this list provides a link to the institution which has provided the vendor reference. The list can be a starting place for schools that are seeking a consultant; referencing institutions may be willing to provide additional information about the vendor and the consulting engagement when asked.
