Other Resources for Data Governance

Colorado Sample LEA Privacy and Security Policies

April 27, 2017 | Colorado Department of Education

Colorado Sample LEA Privacy and Security Policies

Per the Student Data Transparency and Security Act (PDF), the Colorado Department of Education is required to provide Local Education Providers (LEPs) with a sample Student Information Privacy and Protection Policy. CDE developed a suite of over 40 sample policies that cover important security and privacy processes.

More
Colorado Model Vendor Contract

April 27, 2017 | Colorado Department of Education

Colorado Model Vendor Contract

The Colorado Department of Education (CDE) has instituted its data and security contract review process. As part of that process, we ensure that all contracts that involve the access to or transfer of Personally Identifiable Information (PII) contain the appropriate privacy and security contract terms. If you would like to review our current contract template, it […]

More
Phishing Simulation Programs

April 27, 2017 | EDUCAUSE

Phishing Simulation Programs

A phishing simulation program (also commonly referred to as “self-phishing” or phishing assessment program) is a customizable awareness program used by information security professionals in higher education and private industry. This highly effective training program—which is typically incorporated into an existing campus information security awareness program—allows organizations to simulate phishing e-mails, help identify which end […]

More
Information Security Program Assessment Tool

April 27, 2017 | EDUCAUSE

Information Security Program Assessment Tool

This self-assessment tool was created to evaluate the maturity of higher education information security programs using as a framework the International Organization for Standardization (ISO) 27002:2013 “Information Technology Security Techniques. Code of Practice for Information Security Management.” This tool was intended for use by an institution as a whole, although a unit within an institution […]

More
Electronic Records Management Toolkit

April 27, 2017 | EDUCAUSE

Electronic Records Management Toolkit

A practical set of resources that will assist members of the higher education community in addressing related issues of electronic records management (ERM), e-discovery, and data retention on their own campuses.

More
Developing Your Campus Information Security Website

April 27, 2017 | EDUCAUSE

Developing Your Campus Information Security Website

In an effort to help institutions create effective information security websites that are informative and helpful to their users, the Higher Education Information Security Council has compiled a list of common features and effective practices that can serve as an outline for a college or university developing or updating their campus information security website.

More
Data Protection Contractual Language

April 27, 2017 | EDUCAUSE

Data Protection Contractual Language

Sample proposal and contract language for common themes related to data protection as well as practical guidance as to when and how to consider the themes when drafting or reviewing a request for information (RFI), request for proposal (RFP) or contract.

More
Data Incident Notification Toolkit

April 27, 2017 | EDUCAUSE

Data Incident Notification Toolkit

A toolkit with templates, tips, and examples that can be referred to during the process of notifying potential victims of data compromise.

More
Data Classification Toolkit

April 27, 2017 | EDUCAUSE

Data Classification Toolkit

A compilation of resources pertaining to data classification in higher education. Although data classification is just one component of a comprehensive program to protect data, it is an important foundation. This Toolkit consolidates resources from the EDUCAUSE web site as well as from other sources, and organizes them into five basic steps.

More