Security Design Review and Risk Assessment Templates
To complete a security design review and risk assessment, please fill out the appropriate templates below.
- Higher Education Community Vendor Assessment Toolkit (HECVAT): The latest versions of the HECVAT can be found on the Educause website. Download the HECVAT Full template for any software as a service (SaaS) or platform as a service (PaaS). You will need to use the On-Premise template for any applications that will be installed in our data center.
- Access Management Template: The Access Management Template is used to develop the procedures for managing users and roles within the system, and for creating an auditing plan.
- System Log Monitoring and Detection Plan Template - The System Log Monitoring and Detection Plan template is used for designing your logging and log monitoring processes.
- Risk Assessment Template: The Risk Assessment Template should be used at the end of the security design review.
- There is no template for creating an architecture diagram, but an example is provided. Enterprise Infrastructure Services (EIS) or Enterprise Application Services (EAS) may be able to help you create your diagram.
