Educause Security Discussion mailing list archives
Re: Information Security Risk Assessment Process/Tools
From: Valerie Vogel <vvogel () EDUCAUSE EDU>
Date: Wed, 6 Feb 2019 16:57:05 +0000
Hi Jodi, There are several HEISC resources available on risk management and risk assessments. Here are a few links. Hopefully other campuses will share other tools and insights, as well. Information Security Program Assessment Tool: https://library.educause.edu/resources/2015/11/information-security-program-assessment-tool IT Risk Register: https://library.educause.edu/resources/2015/10/it-risk-register Risk Management chapter in the Information Security Guide: https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/resources/information-security-guide/risk-management Risk Management Framework: https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/resources/information-security-guide/toolkits/risk-management-framework Risk Management Through Security Planning: Lessons from a CIO and CISO (article): https://er.educause.edu/articles/2016/2/risk-management-through-security-planning-lessons-from-a-cio-and-ciso Thank you, Valerie Valerie Vogel Interim Director, Cybersecurity Program EDUCAUSE Uncommon Thinking for the Common Good direct: 202.331.5374 | Follow HEISC on LinkedIn<https://www.linkedin.com/showcase/higher-education-information-security-council-heisc-/> | twitter: @HEISCouncil | vvogel () educause edu<mailto:vvogel () educause edu> From: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Jodi Casanova <Jodi.Casanova () NORTHERN EDU> Reply-To: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU> Date: Wednesday, February 6, 2019 at 8:42 AM To: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Information Security Risk Assessment Process/Tools Good morning! Campuses in our State university system are collaborating to further develop our information security risk assessment process. I would greatly appreciate insights - or suggestions for tools - from anyone who has gone down this road and has a more mature process in place. Thanks much! Jodi Casanova Chief IT Security Officer Director of Networking/Technical Services Northern State University Office 605.626.2564 Cell 605.380.2168
Current thread:
- Information Security Risk Assessment Process/Tools Casanova, Jodi (Feb 06)
- <Possible follow-ups>
- Re: Information Security Risk Assessment Process/Tools Valerie Vogel (Feb 06)
- Re: Information Security Risk Assessment Process/Tools Caston Thomas (Feb 07)
- Re: Information Security Risk Assessment Process/Tools Barton, Robert W. (Feb 07)
- Re: Information Security Risk Assessment Process/Tools Richard Phung (Feb 07)
- Re: Information Security Risk Assessment Process/Tools Hagan, Sean (Feb 07)
- Re: Information Security Risk Assessment Process/Tools Barnes, William (Feb 07)
- Re: Information Security Risk Assessment Process/Tools Penn, Blake C (Feb 07)
- Re: Information Security Risk Assessment Process/Tools Casanova, Jodi (Feb 07)
- Re: Information Security Risk Assessment Process/Tools Penn, Blake C (Feb 08)
- Re: Information Security Risk Assessment Process/Tools Barton, Robert W. (Feb 07)