Skip to main content

1EdTech TrustEd Apps Security Practices Rubric

 

 

security rubric lockup

 

Technical Overview   |   Get Started   |   Get Involved   |   Support

 

 

1EdTech's TrustEd Apps Security Practices Rubric Specification 1.0 and self-assessment process were developed to meet the increasing needs of educational leaders so they can understand and mitigate security risks within their teaching and learning environment and accelerate their procurement processes.

This rubric addresses course-level tools with access to a smaller scope of data and does not include enterprise-level tools. It focuses on the essential needs of educational institutions.

rubric icon

 

    The purpose of the TrustEd Apps Security Practices Rubric is to:

    • Promote collaboration between institutions and suppliers to address security concerns in a cooperative manner
    • Provide Suppliers with a self-assessment tool
    • Promote transparency to support an understanding of the various components of security practices and policies

     

     


     

    Technical Overview

    Completing the TrustEd Apps Security Practices Rubric 

    TrustEd Apps Security Practices Rubric

    This rubric is a self-assessment tool for edtech suppliers developed by 1EdTech members. Currently, the rubric covers:

    1. Security Practices

    Who Can Submit a Self-Assessment

    Only 1EdTech member organizations can submit a self-assessment of their product. Assessments should be completed annually. Once published, self-assessments can be viewed by other members. The report will be viewable under the product’s entry in the TrustEd Apps Directory and the TrustEd Apps Management Suite (member login required).

    How to Submit a Self-Assessment

    From your product page in the TrustEd Apps Directory:

    • Scroll down to the App Vetting Reviews section.
       
    • Click "Add Security Rubric."
      The specification document is linked at the top of the page for your reference. 
       
    • Enter your product information in the fields on the first tab. 
       
    • Respond to the self-assessment questions on the additional tabs.
      It is strongly recommended to include notes and links as supporting evidence in the notes fields for the corresponding questions.
        
    • Click the "Save" button at the bottom left-hand side of your screen to submit.
      The self-assessment must be completed in its entirety at once.
       
    • The completed rubric will be reviewed and published by 1EdTech.

     

     


     

     

    Get Started

    Start implementing 1EdTech TrustEd Apps Security Practices Rubric using the materials below.

    Public Resources

    Member Resources (Login Required)

    Have Questions?

    For additional information, our experts are here to help. 1EdTech members can contact support@1edtech.org.

    Knowledge Base

     


     

    Institutions and edtech suppliers collaborate in 1EdTech Leadership groups
    to advance education technology innovation, promote interoperability, and support learner achievement and outcomes.

    Project Groups

    1EdTech Contributing Member institutions and edtech suppliers, including product managers, developers, architects, and institutional staff, are invited.

    In-Person Events

    Join us for the Learning Impact Conference, Digital Credentials Summit, and 1EdTech Technical Meetings throughout the year.

     

    See All 1EdTech Events
    Calendar

     

    Innovation Leadership Network

    Involves current 1EdTech institutional members to help build community-focused solutions in higher education.

     

    Find answers to common question in our FAQ

    No, only 1EdTech members have the benefit and ability to complete a 1EdTechTrustEd Apps Security Practices Rubric Self Assessment of their product(s). Learn more about the value of joining the 1EdTech community.

    The 1EdTech TrustEd Apps Security Practices Rubric Self-Assessment is located on a 1EdTech member supplier's product page, under the "App Vetting Reviews" section.

    Products that are 1EdTech TrustEd Apps Security Practices Rubric Self- Assessed are visible in the 1EdTech’s TrustEd Apps Product Directory and TrustEd Apps Management Suite (TAMS) to all 1000+ member organizations.

    1EdTech TrustEd Apps Security Practices Rubric is a public instrument, acknowledged and respected by the education industry. The tool is a supplier's self attestation of their security practices, policies, features, and procedures.

    Saves Time and Resources: 1EdTech Security Practices Self Assessment supports awareness of security concerns and transparency related to security practices and features of edtech products. 1EdTech member institutions can use the supplier's self assessment as part of their review and requirements in RFPs, RFIs, and other procurement processes. This saves them time and resources.

    Unbiased: 1EdTech is a knowledgeable and neutral organization. The rubric is an unbiased instrument.

    How to Submit Your Self-Assessment:

    From your product page in the TrustEd Apps Directory, scroll down to the App Vetting Reviews section.

    Click the button to "Add Security Practices Rubric." The specification document is linked at the top of the page for your reference. Enter your product information in the fields on each tab. When you are done, hit the "Save" button at the bottom left-hand side of your screen to submit. The self-assessment must be completed in its entirety at once.

    A group of 1EdTech Institutional and Supplier members, who are cross-industry experts in Security Practices, joined a Task Force that worked together, researching and collaborating to develop the 1EdTech TrustEd Apps Security Practices Rubric Specification, based on the HECVAT and other Security Practices laws and standards.

    To maintain their 1EdTech TrustEd Apps Security Practices Rubric Self-Assessment, the Supplier should self-assess their product(s) yearly, or if any changes have been made to their security practices policies, features, and procedures.

    The general public can see that a product has been self assessed by a supplier in the 1EdTech TrustEd Apps Product Directory, but only 1EdTech members can view the detailed self-assessment results. The 1EdTech TrustEd Apps Security Practices Rubric Specification v1.0 is an open standard and public document.

    Institutions advocate for suppliers to complete their 1EdTech TrustEd Apps Security Practices Rubric Self-Assessment by requiring that all suppliers complete the self-assessment before signing a contract/procuring. This may include the requirement for the Security Practices Rubric self-assessment in their contracts and requests for proposals (RFPs).

    The rubric is a formal 1EdTech Final Release public specification. Even though the specification is viewable to both members and the public, suppliers must be or become 1EdTech members to self-assess using our Security Practices Rubric web component on their product(s) in the 1EdTech TrustEd Apps Directory.

     

    Wait. You're Not a 1EdTech Member?

    When you join 1EdTech, you’ll work collaboratively with the brightest minds in education and technology. Whether as a Contributing, Affiliate, or Alliance member, our spirit fuels our determination to improve education.

    It's Time to Add Your Voice and Leadership
    Start Here

     


     

    We're Always Happy to Help

    The 1EdTech Knowledge Base is an excellent hub of information and resources
    to help you build an open, trusted, and innovative digital learning ecosystem.

    Have Questions? We Have Answers.
    Contact Us

     

    Help us improve the accessibility of this site by emailing recommendations to web@imsglobal.org