Step 1. Choose your HEISC Information Security Program Assessment


The Information Security Program self-assessment tool evaluates the maturity of higher education information security programs. It is using as a framework the International Organization for Standardization (ISO) 27002:2013 “Information Technology Security Techniques. Code of Practice for Information Security Management.” This tool is intended for use by an higher education institution as a whole, although a unit within an institution may also use it to help determine the maturity of its individual information security program. The assessment tool uses the ISO 21827:2008 framework for scoring maturity from 0 to 5. It was developed by the Higher Education Information Security Council (HEISC). 

HEISC Information Security Program Assessment

The Information Security Program self-assessment tool evaluates the maturity of higher education information security programs using as a framework ISO 27002:2013.

The HEISC Information Security Program Assessment was developed by Educause under a Creative Commons Attribution-Non Commercial-No Derivatives 4.0 International Public License.


Step 2. Edit / Answer / Share the Assessment


Disclaimer: the assessments are provided by Vendict “as is” for information purposes only. Any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. While we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the inserted assessment contained herein. Any reliance you place on such information is therefore strictly at your own risk.