HECVAT Documentation
Welcome to the HECVAT Pro documentation for version full of release v3.0.6. This site provides guidance and expert insights for completing the Higher Education Community Vendor Assessment Toolkit (HECVAT).
Categories
Code | Category | Questions | Weight |
---|---|---|---|
QUAL | Qualifiers | 7 | 60 |
COMP | Company | 5 | 80 |
DOCU | Documentation | 11 | 220 |
ITAC | IT Accessibility | 9 | 180 |
THRD | Third-Parties | 5 | 120 |
CONS | Consulting | 9 | 200 |
APPL | Application/Service Security | 10 | 225 |
PPPR | Policies, Procedures, and Processes | 20 | 390 |
AAAI | Authentication, Authorization, and Accounting | 19 | 460 |
BCPL | Business Continuity Plan | 10 | 210 |
CHNG | Change Management | 15 | 270 |
DATA | Data | 24 | 495 |
DCTR | Datacenter | 17 | 350 |
DRPL | Disaster Recovery Plan | 11 | 230 |
FIDP | Firewalls, IDS, IPS, and Networking | 11 | 240 |
HFIH | Incident Handling | 4 | 60 |
QLAS | Quality Assurance | 5 | 90 |
VULN | Vulnerability Scanning | 6 | 130 |
HIPA | HIPAA | 29 | 595 |
PCID | PCI DSS | 12 | 220 |