Educause Security Discussion mailing list archives
Re: HEISC Comparators
From: "Shamblin, Quinn" <qrs () BU EDU>
Date: Mon, 2 Mar 2015 16:32:42 +0000
That would be great, Joanna. We did participate, but I have been having trouble downloading the data, but if I can get it and it maps clearly, that would be very helpful. Thanks! Should we set up a call to walk through it or is it straightforward enough to discuss via email? Best, Quinn R Shamblin . Executive Director of Information Security, Boston University From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joanna Grama Sent: Monday, March 02, 2015 11:26 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] HEISC Comparators Hi Quinn, This year portions of the HEISC information security assessment tool were incorporated into the EDUCAUSE Core Data Survey (CDS) in the information security module (M7). If Boston University completed module 7 of CDS, then you can benchmark information security maturity against peer institutions by using CDS data. The data that you are looking for is in Question 5 and I can provide you with a cross walk between the HEISC tool and the CDS question set if it is helpful. You can access CDS data at: http://www.educause.edu/research-and-publications/research/core-data-service (click on compare and access data) Please let me know if you have any questions. Regards, Joanna Joanna Grama, JD, CISSP, CRISC, CIPT Director of DRA Operations, IT GRC and Cybersecurity Programs Data, Research, and Analytics EDUCAUSE Uncommon Thinking for the Common Good 282 Century Place, Suite 5000, Louisville, CO 80027 direct: 720.406.6769 | main: 303.449.4430 | fax: 303.440.0461 | educause.edu<http://www.educause.edu/> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Shamblin, Quinn Sent: Monday, March 2, 2015 11:02 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] HEISC Comparators Hi All, We are working on an in-depth security assessment at BU and one of the tools we used was the EDUCAUSE HEISC security assessment tool. I am looking to get a few comparators results to average for benchmarking purposes. Have any of you completed a HEISC? Would you be willing to share your high-level summary numbers for each major heading? (Risk Management: 3.2, Policy: 4.5, or whatever your numbers were...) Any data you give me will be de-identified and aggregated with the results of others before being used. They will be used to provide context in internal conversations with BU governance and or trustees. If you are willing to share, please contact me off list. I am happy to share our numbers in return. (Remember this list can be read by others, so don't post any numbers here directly.) Best, Quinn R Shamblin . Executive Director of Information Security, Boston University CISM, CISSP, ITIL (Previously GCFA, PMP) Office: 617-358-6310 Mobile: 617-999-7523 Contact me securely: https://securecontact.me/qrs () bu edu
Current thread:
- HEISC Comparators Shamblin, Quinn (Mar 02)
- Re: HEISC Comparators Joanna Grama (Mar 02)
- Re: HEISC Comparators Shamblin, Quinn (Mar 02)
- Re: HEISC Comparators Joanna Grama (Mar 02)
- Re: HEISC Comparators Brad Judy (Mar 02)
- Re: HEISC Comparators Shamblin, Quinn (Mar 02)
- Re: HEISC Comparators Joanna Grama (Mar 02)