HECVAT
Service Description | The Higher Education Community Vendor Assessment Toolkit (HECVAT) attempts to generalize higher education information security and data protection questions and issues regarding cloud services for consistency and ease of use. |
Available To | All MSU faculty & staff seeking to purchase a cloud-based product or service that requires access to MSU data. |
Minimum Requirements | N/A |
Service Access | Contact the Chief Information Security Officer (CISO) to access the correct version of the HECVAT form (ciso@morgan.edu) |
Documentation | More information can be found below or on the following site: https://library.educause.edu/resources/2020/4/higher-education-community-vendor-assessment-toolkit |
Support Contact | Contact CISO to access the correct version of the HECVAT form |
Aliases | Cloud assessment tool |
Campus IT environments are rapidly changing and the speed of cloud service adoption is increasing. As campuses deploy or identify cloud services, they must ensure the cloud services are appropriately assessed for managing the risks to the confidentiality, integrity and availability of sensitive institutional information and the PII of constituents. Both cloud providers and cloud consumers are wasting precious time creating, responding, and reviewing such assessments.
The Higher Education Community Vendor Assessment Toolkit (HECVAT) attempts to generalize higher education information security and data protection questions and issues regarding cloud services for consistency and ease of use. The HECVAT:
Current Version: Contact the Chief Information Security Officer (CISO) to obtain access to the correct version of the HECVAT form.
More information can be found on the following site:
https://library.educause.edu/resources/2020/4/higher-education-community-vendor-assessment-toolkit