1EdTech's TrustEd Apps™ Security Practices Rubric Specification 1.0 and self-assessment process were developed to meet the increasing needs of educational leaders so they can understand and mitigate security risks within their teaching and learning environment and accelerate their procurement processes.
This rubric addresses course-level tools with access to a smaller scope of data and does not include enterprise-level tools. It focuses on the essential needs of educational institutions.
The purpose of the TrustEd Apps Security Practices Rubric is to:
- Promote collaboration between institutions and suppliers to address security concerns in a cooperative manner
- Provide Suppliers with a self-assessment tool
- Promote transparency to support an understanding of the various components of security practices and policies
Completing the TrustEd Apps Security Practices Rubric
TrustEd Apps Security Practices Rubric
This rubric is a self-assessment tool for edtech suppliers developed by 1EdTech members. Currently, the rubric covers:
- Security Practices
Who Can Submit a Self-Assessment
Only 1EdTech member organizations can submit a self-assessment of their product. Assessments should be completed annually. Once published, self-assessments can be viewed by other members. The report will be viewable under the product’s entry in the TrustEd Apps Directory and the TrustEd Apps Management Suite (member login required).
How to Submit a Self-Assessment
From your product page in the TrustEd Apps Directory:
- Scroll down to the App Vetting Reviews section.
- Click "Add Security Rubric."
The specification document is linked at the top of the page for your reference.
- Enter your product information in the fields on the first tab.
- Respond to the self-assessment questions on the additional tabs.
It is strongly recommended to include notes and links as supporting evidence in the notes fields for the corresponding questions.
- Click the "Save" button at the bottom left-hand side of your screen to submit.
The self-assessment must be completed in its entirety at once.
- The completed rubric will be reviewed and published by 1EdTech.
Start implementing 1EdTech TrustEd Apps Security Practices Rubric using the materials below.
Find answers to common question in our FAQ
No, only 1EdTech members have the benefit and ability to complete a 1EdTechTrustEd Apps Security Practices Rubric Self Assessment of their product(s). Learn more about the value of joining the 1EdTech community.
The 1EdTech TrustEd Apps Security Practices Rubric Self-Assessment is located on a 1EdTech member supplier's product page, under the "App Vetting Reviews" section.
Products that are 1EdTech TrustEd Apps Security Practices Rubric Self- Assessed are visible in the 1EdTech’s TrustEd Apps Product Directory and TrustEd Apps Management Suite (TAMS) to all 1000+ member organizations.
1EdTech TrustEd Apps Security Practices Rubric is a public instrument, acknowledged and respected by the education industry. The tool is a supplier's self attestation of their security practices, policies, features, and procedures.
Saves Time and Resources: 1EdTech Security Practices Self Assessment supports awareness of security concerns and transparency related to security practices and features of edtech products. 1EdTech member institutions can use the supplier's self assessment as part of their review and requirements in RFPs, RFIs, and other procurement processes. This saves them time and resources.
Unbiased: 1EdTech is a knowledgeable and neutral organization. The rubric is an unbiased instrument.
From your product page in the TrustEd Apps Directory, scroll down to the App Vetting Reviews section.
Click the button to "Add Security Practices Rubric." The specification document is linked at the top of the page for your reference. Enter your product information in the fields on each tab. When you are done, hit the "Save" button at the bottom left-hand side of your screen to submit. The self-assessment must be completed in its entirety at once.
A group of 1EdTech Institutional and Supplier members, who are cross-industry experts in Security Practices, joined a Task Force that worked together, researching and collaborating to develop the 1EdTech TrustEd Apps Security Practices Rubric Specification, based on the HECVAT and other Security Practices laws and standards.
To maintain their 1EdTech TrustEd Apps Security Practices Rubric Self-Assessment, the Supplier should self-assess their product(s) yearly, or if any changes have been made to their security practices policies, features, and procedures.
The general public can see that a product has been self assessed by a supplier in the 1EdTech TrustEd Apps Product Directory, but only 1EdTech members can view the detailed self-assessment results. The 1EdTech TrustEd Apps Security Practices Rubric Specification v1.0 is an open standard and public document.
Institutions advocate for suppliers to complete their 1EdTech TrustEd Apps Security Practices Rubric Self-Assessment by requiring that all suppliers complete the self-assessment before signing a contract/procuring. This may include the requirement for the Security Practices Rubric self-assessment in their contracts and requests for proposals (RFPs).
The rubric is a formal 1EdTech Final Release public specification. Even though the specification is viewable to both members and the public, suppliers must be or become 1EdTech members to self-assess using our Security Practices Rubric web component on their product(s) in the 1EdTech TrustEd Apps Directory.
Wait. You're Not a 1EdTech Member?
When you join 1EdTech, you’ll work collaboratively with the brightest minds in education and technology. Whether as a Contributing, Affiliate, or Alliance member, our spirit fuels our determination to improve education.
It's Time to Add Your Voice and Leadership
We're Always Happy to Help
The 1EdTech Knowledge Base is an excellent hub of information and resources
to help you build an open, trusted, and innovative digital learning ecosystem.
Have Questions? We Have Answers.