Caveon Webinar Series - Creating Your Test Security Game Plan - March 2016

www.caveon.com 1

Caveon Webinar SeriesCreating Your Test Security Game Plan

March 9, 2016

Today’s Presenters

www.caveon.com 2

Dr. John Fremer Dr. Jamie Mulkey

Agenda for Today

www.caveon.com 3

• Current Best Practices in Test Security

• Key Roles Your Organization Should Identify

• Security Incident Response Planning

• Resources• Seal of Excellence• Summary• Q&A

www.caveon.com 4

Current Best Practices in Test Security (1 of 5)

•Security Plan/Handbooko Written, living

documento Discusses how you will

address test securityo Available to

stakeholderso You may have some

elements already in place

www.caveon.com 5

Current Best Practices in Test Security (2 of 5)

•Secure test development processeso Secure design strategieso The environment for developing

itemso Who you use as SMEs to write and

review itemso Secure item management

processes

www.caveon.com 6

Current Best Practices in Test Security (3 of 5)

•Secure test administration processeso Candidate ID processeso Sufficient proctoring policies o Proctors are trained/certifiedo Monitoring before, during, and after

testing

www.caveon.com 7

Current Best Practices in Test Security (4 of 5)

•Security Director in placeoAn individual responsible for test

securityoResource and conduit for test

security activitiesoConsider CESP certification

www.caveon.com 8

Current Best Practices in Test Security (5 of 5)

Security Incident Response Plan•Dictates what to do when a testing irregularity occurs•Creates a consistent methodology for treating infractions and breaches•Establishes protocols for penalties imposed when incidents occur

www.caveon.com 9

Key Roles Your Organization Should Identify (1 of 2)

• Management – Individual with the responsibility for test security

• Budgeting – Budgeting and funding for test security activities

• Analysis – Statistical analysis to detect irregularities

www.caveon.com 10

Key Roles Your Organization Should Identify (2 of 2)

• Internet – Monitoring of the Internet for proffered test content

• Training– Staff training and awareness

• Investigations– First line investigation processes

Security Incident Response Planning

www.caveon.com 11

Key Components of an SIRP•Agreements in place•Policies in place•Practices in place for

analysis and monitoring•Incident response matrix•Investigative strategies•Communications plan

Resources

www.caveon.com 12

• Handbook of Test Security• TILSA Guidebooks• NCTA standards• ITC standards• Caveon Webinar Series• NCME Whitepapers• Operational Best Practices

Caveon Seal of Excellence (CSE) (1 of 2)

www.caveon.com 13

• What is the Seal?• Why has the seal

been established?• How Organizations

earn the Seal• How the CSE benefits

a testing organization

Seal of Excellence (2 of 2)

www.caveon.com 14

• How do I know my organization is eligible for the seal?

• How long does my organization get to keep the seal?

• What do I need to do to maintain my use of the CSE?

Key Points Summarized

• Many organizations have some test security elements in place

• Check your test security strengths and weaknesses

• Identify key test security roles in your organization

• Strategies for incident response planning• Consider obtaining a Caveon Seal of

Excellence to promote and drive home the importance of test security

www.caveon.com 15

Thank You!

www.caveon.com 16

Follow Caveon on twitter @caveonCheck out our blog www.caveon.com/blogLinkedIn Group “Caveon Test Security”

Dr. John [email protected]

Dr. Jamie [email protected]