Navigation Bar About the Project
Security Rubric and Planning Grid: Setting Priorities
Assess security preparedness by comparing your district's status with the security indicators below. Level 1 - Overview: Security Preparedness Status
Level 2 - Security Issues -- a mid-level view
Level 3 - SecurityIndicators -- a detailed view
Priority Setting Explainer
Planning Grid Index Security Planning Template

Setting Priorities. After quickly scanning through the rubric, you'll have a ballpark sense of your district's overall security status-- 'Basic', 'Developing', 'Adequate', or 'Advanced'. You'll also notice that you're lagging in some areas and leading in others. With over fifty items on the list, how do you plan your next steps?

How do you decide what's most important? For most items a indicates a significant vulnerability that should be addressed. If your district falls mostly in the 'Developing' column but you rate your district as 'Basic' on two or three items, the items marked with should be confronted first. Examples below:

 

Q. Why is redundant internet access prioritized at 'Developing' level rather than at the 'Basic' level?
Indicator\Status:
Basic
Developing
Adequate
Advanced
Internet Infrastructure (B 32) No redundant internet access.
No redundant internet access.		 Backup internet access on line (cable, DSL) for critical functions. Backup internet access on line (cable, DSL) for critical functions.

A. First, other issues, such as backups, are clearly more important, and second, service interruptions are more likely to impact teaching or administrative activity in a district more actively committed to technology.

 

Q. Why is 'Staff Competency' important for 'Basic' districts while 'Security Staffing' isn't flagged as significant until the 'Adequate' stage?
Indicator\Status:
Basic
Developing
Adequate
Advanced
Staff Competency
(A 42)
-- Support staff are insufficiently trained in desktop support or network management.		 -- Job descriptions
indicate mixed net-
work and desktop
support roles without specific mention of
security-related tasks.		 -- Clear division of responsibility between network and desktop support with clear assignment of responsibility for security tasks and roles. -- Clear division of responsibilities, including security-related tasks. Additionally, IT staff are cross-trained to provide backup support.
Security Staffing
(A 43)		 No one specifically assigned to attend to security CTO or other management staff also deals with security
A staff person is assigned to manage security		 A Chief Security Officer manages all security issues.
A. If desktop computers, by their numbers alone, provide the most obvious route of entry for malware or malfeasance, IT staff should be sufficiently trained to remediate vulnerabilities. In a district at the 'Adequate' stage, increased levels of technology use along with intensified interest in improving security both strongly support the need for designating a staff person to manage security issues.
Return to Security Rubric and Planning Grid - Detail Level

 

  
A Leadership Initiative of CoSN
Home Project Overview About the Project Executive Summary Conference Handouts & Slides Press Releases For Superintendents & Policy Makers For Technology Leaders Share Your Story Free Newsletter Contact Us Join CoSN