HECVAT Transforms Third-Party Risk Assessments

Friday, October 29 | 8:30AM–9:15AM ET | 201AB, 200 Level
Viewing Location: Philadelphia
Session Type: Breakout Session
Delivery Format: Presentation/Panel Session
The Higher Education Community Vendor Assessment Toolkit (HECVAT) is an outstanding example of "community good." Begun in 2016 as the EDUCAUSE Shared Assessments Working Group, the HECVAT has morphed into the go-to toolkit for third-party, cloud, on-prem, and supply chain risk assessments in higher education. 2021 is a transformational year for the HECVAT. Volunteers from EDUCAUSE, REN-ISAC, and Internet 2 will provide an update on their work.


  • Jon Allen

    Associate Vice President CIO & CISO, Baylor University
  • Josh Callahan

    Chief Information Security Officer, California State University, Office of the Chancellor
  • Charlie Escue

    Information Security Manager, Indiana University
  • Brian Kelly

    Virtual Chief Information Security Officer (vCISO), Compass IT Compliance
  • Nick Lewis

    Program Manager, Security and Identity, Internet2