Start today—over 60 EDUs have signed up already! Isora Lite for Vendor Risk is completely free to EDU institutions and state/local agencies.
Isora Lite for Vendor Risk is a free tool for the higher education and state/local agency infosec community. It helps conduct HECVAT and HECVAT Lite risk assessments on third-party (vendor) products.
Isora Lite for Vendor Risk is a “lite” version of our full-featured risk assessment tool, Isora, which helps assess risk across your organization in addition to your vendors.
Our vision is that the greater acceptance across the community, the more organizations that will use Isora Lite to complete HECVAT assessments, and the more comprehensive the repository of completed assessments will be. We’d love to have the community provide feedback!
Here’s what it can do for you:
Create and send HECVAT or HECVAT Lite questionnaires to third-party vendors.
Request updates from third-party vendors for previously completed assessments.
Search for and access previously completed vendor assessments from the community database.
Assess vendor risk scores with dynamic reporting.
I'm an EDU that uses federated authentication.
For members of higher education institutions that use federated authentication (Shibboleth, InCommon, REFEDs), your native Single Sign-On credentials can be used to access Isora Lite for Vendor Risk. The first time you log in, a new account will automatically be created for you as a member of your organization with the authority to create and launch assessments. In subsequent logins, you should continue to log in using federated authentication.
- Visit Isora Lite for Vendor Risk
- Login using the Shibboleth link
- Sign in using your Single Sign-On credentials.
I'm a state/local agency or an EDU that doesn't use federated authentication.
If you belong to a higher ed institution that doesn’t use Shibboleth or are a state/local agency, an Isora Lite for Vendor Risk account will be created for you and login credentials provided by SaltyCloud.