caveon webinar series - creating your test security game plan - march 2016
Post on 16-Jan-2017
183 Views
Preview:
TRANSCRIPT
Agenda for Today
www.caveon.com 3
• Current Best Practices in Test Security
• Key Roles Your Organization Should Identify
• Security Incident Response Planning
• Resources• Seal of Excellence• Summary• Q&A
www.caveon.com 4
Current Best Practices in Test Security (1 of 5)
•Security Plan/Handbooko Written, living
documento Discusses how you will
address test securityo Available to
stakeholderso You may have some
elements already in place
www.caveon.com 5
Current Best Practices in Test Security (2 of 5)
•Secure test development processeso Secure design strategieso The environment for developing
itemso Who you use as SMEs to write and
review itemso Secure item management
processes
www.caveon.com 6
Current Best Practices in Test Security (3 of 5)
•Secure test administration processeso Candidate ID processeso Sufficient proctoring policies o Proctors are trained/certifiedo Monitoring before, during, and after
testing
www.caveon.com 7
Current Best Practices in Test Security (4 of 5)
•Security Director in placeoAn individual responsible for test
securityoResource and conduit for test
security activitiesoConsider CESP certification
www.caveon.com 8
Current Best Practices in Test Security (5 of 5)
Security Incident Response Plan•Dictates what to do when a testing irregularity occurs•Creates a consistent methodology for treating infractions and breaches•Establishes protocols for penalties imposed when incidents occur
www.caveon.com 9
Key Roles Your Organization Should Identify (1 of 2)
• Management – Individual with the responsibility for test security
• Budgeting – Budgeting and funding for test security activities
• Analysis – Statistical analysis to detect irregularities
www.caveon.com 10
Key Roles Your Organization Should Identify (2 of 2)
• Internet – Monitoring of the Internet for proffered test content
• Training– Staff training and awareness
• Investigations– First line investigation processes
Security Incident Response Planning
www.caveon.com 11
Key Components of an SIRP•Agreements in place•Policies in place•Practices in place for
analysis and monitoring•Incident response matrix•Investigative strategies•Communications plan
Resources
www.caveon.com 12
• Handbook of Test Security• TILSA Guidebooks• NCTA standards• ITC standards• Caveon Webinar Series• NCME Whitepapers• Operational Best Practices
Caveon Seal of Excellence (CSE) (1 of 2)
www.caveon.com 13
• What is the Seal?• Why has the seal
been established?• How Organizations
earn the Seal• How the CSE benefits
a testing organization
Seal of Excellence (2 of 2)
www.caveon.com 14
• How do I know my organization is eligible for the seal?
• How long does my organization get to keep the seal?
• What do I need to do to maintain my use of the CSE?
Key Points Summarized
• Many organizations have some test security elements in place
• Check your test security strengths and weaknesses
• Identify key test security roles in your organization
• Strategies for incident response planning• Consider obtaining a Caveon Seal of
Excellence to promote and drive home the importance of test security
www.caveon.com 15
Thank You!
www.caveon.com 16
Follow Caveon on twitter @caveonCheck out our blog www.caveon.com/blogLinkedIn Group “Caveon Test Security”
Dr. John FremerJohn.fremer@caveon.com
Dr. Jamie MulkeyJamie.mulkey@caveon.com
top related