Educause Security Discussion mailing list archives

Re: HECVAT Security Assessment Question

From: Andy Hooper <hooper () QUEENSU CA>
Date: Fri, 14 Jul 2017 14:15:43 -0400

For RFPs we do two stages. All bidders complete about twenty fairly easy
questions. This gives enough information for a sense of the security
maturity. Once a preferred bid has been selected, we do more detailed
questions during the negotiation phase. That could result in adding work
items to the contract, or in the worst case, moving on to the next
preference. Security has very low weight in our RFP scoring, but as long
as price isn't weighted too high, then good security seems to be
generally associated with good function.

HECVAT doesn't have much on privacy. Are people using HECVAT doing
something separate for privacy and access-to-information aspects?

- Andy Hooper - IT Services - Queen's University -

Current thread:

Re: HECVAT Security Assessment Question Velislav K Pavlov (Jul 06)
- <Possible follow-ups>
- Re: HECVAT Security Assessment Question Sue McGlashan (Jul 06)
  - Re: HECVAT Security Assessment Question Shelton Waggener (Jul 06)
- Re: HECVAT Security Assessment Question Mark Dieterich (Jul 06)
  - Re: HECVAT Security Assessment Question Sue McGlashan (Jul 07)
    - Re: HECVAT Security Assessment Question José A. Domínguez (Jul 10)
    - Re: HECVAT Security Assessment Question Rob Milman (Jul 13)
    - Re: HECVAT Security Assessment Question Joanna Grama (Jul 13)
    - Re: HECVAT Security Assessment Question Joel McKenzie (Jul 13)
    - Re: HECVAT Security Assessment Question Ruth Ginzberg (Jul 13)
    - Re: HECVAT Security Assessment Question Andy Hooper (Jul 14)
    - Re: HECVAT Security Assessment Question Sue McGlashan (Jul 14)
    - Re: HECVAT Security Assessment Question Rob Milman (Jul 14)
    - Re: HECVAT Security Assessment Question Brad Judy (Jul 13)
    - Re: HECVAT Security Assessment Question Velislav K Pavlov (Jul 13)
    - Re: HECVAT Security Assessment Question Brown,Thomas (Jul 13)
    - Re: HECVAT Security Assessment Question Escue, Charles E (Jul 14)
    - Re: HECVAT Security Assessment Question Brown,Thomas (Jul 14)
    - Re: HECVAT Security Assessment Question Davis, Kevin (Jul 19)
    - Re: HECVAT Security Assessment Question Shelton Waggener (Jul 19)