Collaborating to Address IT Security Risks

Collaborating to Address IT Security Risks

Collaborating to Address IT Security Risks

Oct 10, 2018, 11:13 AM

A common struggle across institutions is balancing speed and thoroughness in performing security reviews of third-party software. In an effort to address this, the Big Ten Academic Alliance Chief Information Security Officers (CISOs) recently joined forces and developed an innovative approach to increase transparency and collaboration.


A common struggle across institutions is balancing speed and thoroughness in performing security reviews of third-party software. In an effort to address this, the Big Ten Academic Alliance Chief Information Security Officers (CISOs) recently joined forces and developed an innovative approach to increase transparency and collaboration. 

Through the Big Ten Academic Alliance, participating universities have contracted with Riskonnect, Inc., to provide vendor risk management services and develop a shared platform. The platform will assist universities in evaluating the security risk of third-party software purchases and serve as a mechanism to share security assessment information among member universities.

This effort is expected to streamline the security review process at the participating campuses thereby reducing costs and creating efficiencies. It is a prime example of the culture of collaboration that exists among Big Ten Academic Alliance members. Gary Clark, Director, IT Risk Management at the Ohio State University is the technical lead, Justin Perry, Senior Commodity Manager at the Ohio State University is the procurement lead, and Jeff Oberg, Director, Operations is the Big Ten Academic Alliance consortial lead for the initiative. The implementation will commence in October 2018 with plans for the platform to be functional in early 2019.