Educause Security Discussion mailing list archives
Why the HECVAT?
From: Brian Kelly <bkelly () EDUCAUSE EDU>
Date: Tue, 5 Jan 2021 14:49:21 +0000
A post yesterday mentioned a vendor that “refused to update their HECVAT (they were using an incredibly old version)” … eventually walking away. Why should solution providers complete the HECVAT? Once completed, you can provide your assessment to multiple institutions and streamline procurement processes with your higher ed clients. The HECVAT was created by the Higher Education Information Security Council (HEISC<https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/about-heisc>) Shared Assessments Working Group, in collaboration with Internet2 and REN-ISAC. For more information or questions, email us at HECVAT-WG () EDUCAUSE edu<mailto:HECVAT-WG () EDUCAUSE edu> Who Uses the HECVAT? Join the coalition of 100+ colleges and universities<https://docs.google.com/document/d/1ACX6fly0c3gPm_KA9bMZ2xJ8BKHrEFryuBD08NC_7BM/edit?usp=sharing> and 30+ solution providers<https://www.ren-isac.net/hecvat/cbi.html> who use the HECVAT to reduce risk and save time and money. An active HECVAT Users Community Group - This community group provides campuses with a forum to share information, best practices, and strategies for using the Higher Education Community Vendor Assessment Toolkit (HECVAT). Members of this group are encouraged to pose questions to their peers and suggest potential updates, corrections, and modifications to the HECVAT. https://www.educause.edu/community/hecvat-users-community-group The HECVAT Tools The most current versions are linked below. https://library.educause.edu/resources/2020/4/higher-education-community-vendor-assessment-toolkit Brian Brian Kelly, CISSP, CISM, CEH Director, Cybersecurity Program<https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program> bkelly () educause edu<mailto:bkelly () educause edu> EDUCAUSE Uncommon Thinking for the Common Good Follow HEISC on LinkedIn<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=02%7C01%7C%7C7197d41189e4414981ae08d69dc9670a%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C636869885680898966&sdata=%2FYvU%2BLTYHbPmcyL1AoksiKTSdMeFQ93qASFmTp8Emmo%3D&reserved=0> | Twitter: @HEISCouncil direct: 475.449.6440 | educause.edu<http://www.educause.edu/> 1150 18th Street, NW, Suite 900 Washington, DC 20036 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Why the HECVAT? Brian Kelly (Jan 05)
- Re: Why the HECVAT? Josh Boon (Jan 05)