Jon Allen
Associate Vice President CIO & CISO,
Baylor University
Come Learn about HECVAT and Third-Party Risk Management for Your Campus! (separate registration is required)
Monday, October 27, 2025 | 12:30PM–4:00PM CT | Meeting Room 104 AB, Level 1
Session Type:
Preconference Workshop
Delivery Format:
Additional Fee Program
This interactive workshop will introduce participants to current privacy, security, and accessibility topics in the third-party risk management landscape. They will discuss core considerations relevant to reviewing and selecting third-party products and services best-suited for campus deployment. Presenters will identify and discuss institutional stakeholders; provide examples of meaningful, productive security using HECVAT or other tools; privacy and institutional reviews with incorporated contractual considerations; and help you create new or streamlined processes. They will work through an IT Accessibility assessment and a HECVAT example. They will also discuss the strategic importance of third-party risk management for AI tools on campuses. Institutional reviews may include vendor management, procurement, IT accessibility, legal, and many other aspects for campuses to prioritize. We will reserve time for your questions and group discussion.
Join us as we tear down the walls of complexity surrounding third-party risk management and equip you with the tools and resources to scale meaningful and productive reviews within your organization.
Outcomes of this workshop:
- Gain an understanding of the HECVAT and its advantages.
- Hear how institutions are using the HECVAT to improve their vendor assessments.
- Gain an understanding of how higher education institutions perform third-party risk management.
Note: Participants who successfully complete this preconference workshop will be eligible to receive an EDUCAUSE microcredential. To earn this digital badge, you must complete a brief workshop evaluation and share two key learning outcomes from your experience. All registered participants will receive an email on October 29 with instructions for completing these steps. Completion of both is required. To learn how to accept and make the most of your microcredential, visit the EDUCAUSE Microcredential website.
