1EdTech's TrustEd Apps™ Security Practices Rubric Specification 1.0 and self-assessment process were developed to meet the increasing needs of educational leaders so they can understand and mitigate security risks within their teaching and learning environment and accelerate their procurement processes.
This rubric addresses course-level tools with access to a smaller scope of data and does not include enterprise-level tools. It focuses on the essential needs of educational institutions.
The purpose of the TrustEd Apps Security Practices Rubric is to:
- Promote collaboration between institutions and suppliers to address security concerns in a cooperative manner
- Provide Suppliers with a self-assessment tool
- Promote transparency to support an understanding of the various components of security practices and policies
Technical Overview
Completing the TrustEd Apps Security Practices Rubric
TrustEd Apps Security Practices Rubric
This rubric is a self-assessment tool for edtech suppliers developed by 1EdTech members. Currently, the rubric covers:
- Security Practices
Who Can Submit a Self-Assessment
1EdTech Contributing, Affiliate, and TrustEd Apps Alliance member organizations can submit a self-assessment of their product. Assessments should be completed annually. Once published, self-assessments can be viewed by other members. The report will be viewable under the product’s entry in the TrustEd Apps Directory and the TrustEd Apps Management Suite (member login required).
Why Submit a Self-Assessment
- Win More RFPs: Demonstrate robust security practices to win more bids by completing the TrustEd Apps Security Practices Rubric.
. - Gain a Competitive Advantage: Stand out from competitors and showcase your commitment to student data security with the standardized TrustEd Apps Security Practices Rubric.
- Build Trust with Institutions: Earn the trust of institutions prioritizing data protection by completing the rubric and highlighting your commitment to secure edtech solutions.
How to Submit a Self-Assessment
From your product page in the TrustEd Apps Directory:
- Scroll down to the App Vetting Reviews section.
- Click "Add Security Rubric."
The specification document is linked at the top of the page for your reference.
- Enter your product information in the fields on the first tab.
- Respond to the self-assessment questions on the additional tabs.
It is strongly recommended to include notes and links as supporting evidence in the notes fields for the corresponding questions.
- Click the "Save" button at the bottom left-hand side of your screen to submit.
The self-assessment must be completed in its entirety at once.
- The completed rubric will be reviewed and published by 1EdTech.
Benefits for Institutions
- Mitigate Security Risks: Require edtech suppliers to complete the 1EdTech TrustEd Apps Security Rubric to gain clear insights into their security practices and mitigate potential risks within your educational environment.
- Make Informed Procurement Decisions: Standardize your RFP process and make informed decisions by leveraging the clear, comparable data provided by the 1EdTech TrustEd Apps Security Rubric.
- Protect Student Data: Prioritize student data security by requiring the 1EdTech TrustEd Apps Security Rubric from all potential edtech suppliers, ensuring they meet the essential security needs of your educational institution.
Sample Request for Proposal
Sample Statement: Request for Proposal (RFP) Requirement for the TrustEd Apps Security Rubric
"We require all respondents to this RFP to have completed the 1EdTech TrustEd Apps Security Rubric. This rubric is developed to meet the increasing needs of educational leaders so they can understand and mitigate security risks within their teaching and learning environment and accelerate their procurement processes. This requirement aligns with our commitment to protecting student data and creating safe and secure learning environments.
1EdTech's TrustEd Apps Security Rubric is a component of the 1EdTech TrustEd Apps Program, empowering trust in the digital ecosystem. Contact support@1edtech.org if you have any questions."
Get Started
Start implementing 1EdTech TrustEd Apps Security Practices Rubric using the materials below.
Have Questions?
For additional information, our experts are here to help. 1EdTech members can contact support@1edtech.org.
Get Involved with 1EdTech
Institutions and edtech suppliers collaborate in 1EdTech Leadership groups
to advance education technology innovation, promote interoperability, and support learner achievement and outcomes.
Find answers to common question in our FAQ
No, only 1EdTech members have the benefit and ability to complete a 1EdTechTrustEd Apps Security Practices Rubric Self Assessment of their product(s). Learn more about the value of joining the 1EdTech community.
The 1EdTech TrustEd Apps Security Practices Rubric Self-Assessment is located on a 1EdTech member supplier's product page, under the "App Vetting Reviews" section.
A group of 1EdTech Institutional and Supplier members, who are cross-industry experts in Security Practices, joined a Task Force that worked together, researching and collaborating to develop the 1EdTech TrustEd Apps Security Practices Rubric Specification, based on the HECVAT and other Security Practices laws and standards.
To maintain their 1EdTech TrustEd Apps Security Practices Rubric Self-Assessment, the Supplier should self-assess their product(s) yearly, or if any changes have been made to their security practices policies, features, and procedures.
The general public can see that a product has been self assessed by a supplier in the 1EdTech TrustEd Apps Product Directory, but only 1EdTech members can view the detailed self-assessment results. The 1EdTech TrustEd Apps Security Practices Rubric Specification v1.0 is an open standard and public document.
Institutions advocate for suppliers to complete their 1EdTech TrustEd Apps Security Practices Rubric Self-Assessment by requiring that all suppliers complete the self-assessment before signing a contract/procuring. This may include the requirement for the Security Practices Rubric self-assessment in their contracts and requests for proposals (RFPs).
The rubric is a formal 1EdTech Final Release public specification. Even though the specification is viewable to both members and the public, suppliers must be or become 1EdTech members to self-assess using our Security Practices Rubric web component on their product(s) in the 1EdTech TrustEd Apps Directory.
Wait. You're Not a 1EdTech Member?
When you join 1EdTech, you’ll work collaboratively with the brightest minds in education and technology. Whether as a Contributing, Affiliate, or Alliance member, our spirit fuels our determination to improve education.
It's Time to Add Your Voice and Leadership
Start Here
We're Always Happy to Help
The 1EdTech Knowledge Base is an excellent hub of information and resources
to help you build an open, trusted, and innovative digital learning ecosystem.
Have Questions? We Have Answers.
Contact Us