Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate...


Transcript of Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate...

Page 1: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)

7/29/2019 Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)

http://slidepdf.com/reader/full/using-nontraditional-security-risk-assessments-to-measure-risk-request-budgets 1/27

INFORMATION TECHNOLOGIES & SERVICES

Copyright

• Copyright Benjamin Nathan, 2008. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

Page 2: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends

Ben Nathan

Associate Director

Security and Identity Management

Weill Cornell Medical College

[email protected]

5/6/2008

Page 3: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Agenda

• About Weill Cornell Medical College (WCMC)
• About Information Technologies and Services (ITS)
• Problems With A Traditional Risk Assessment
• Risk Management Portfolio
• Identifying and Addressing Risk
• Cataloging Solutions
• Risk Categories
• Scoring
• The Risk Scorecard
• Measuring the Process
• Funding Requests
• Observations
• Conclusion

Page 4: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


About WCMC

(Diagram; labels recovered: WCMC, CU)

Page 5: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Network Partners

Page 6: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Information Technologies and Services (ITS)

Page 7: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Diagram Removed

Network Diagram (labels recovered: Internet/Extranet, Firewall, Network Core, Servers, NYPH, Extranet)

Page 8: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Risk Management?

Page 9: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Add Value / Measure Performance

Risk Management Portfolio

Risk Management

Page 10: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


3 Step Approach

Page 11: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Identify Threats by Cataloging Solutions

Identify security threats by cataloging security solutions

Security Solution: Malware Protection → ?

Page 12: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Threats, Identified

Security Solutions → Threats
Intrusion Prevention → Network Intrusions
Network Access Control → Rogue Computers
Client Encryption → Unencrypted Clients
Data Classification → Inappropriate Security
Awareness Training → End User Errors

~75 Security Solutions in Total, Available in the Files Posted for this Presentation

Page 13: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


3 Step Approach

Page 14: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Break Risk Into Categories

Page 15: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


3 Step Approach

Page 16: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Scoring

Security Solution: Intrusion Prevention

Does it ... (Risk Category)                        Score (1-10)   Running Total
Reduce Susceptibility to External Attack?   Yes!       10              10
Improve Policy Enforcement?                             5              15
Improve or Increase Network Visibility?                 3              18

Total Score: 18

Scale: 1 is No Effect, 5 is Indirect Effect, 10 is Direct, Significant Effect

Page 17: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Scoring with multipliers: Reduce Susceptibility to Internal Attack (x5), Improve Policy Enforcement (x5), Improve Visibility Into Network (x3)

Security Solutions | Internal Attack (raw → x5) | Policy Enforcement (raw → x5) | Network Visibility (raw → x3) | Total
Intrusion Prevention | 10 → 50 | 5 → 25 | 3 → 9 | 262
Network Access Control | 10 → 50 | 10 → 50 | 5 → 15 | 259
Client Encryption | 7 → 35 | 10 → 50 | 1 → 3 | 240
Data Classification | 7 → 35 | 10 → 50 | 7 → 21 | 234
Awareness Training | 7 → 35 | 10 → 50 | 1 → 3 | 214

Page 18: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Showcase Risk

Score 1-10, 10 highest. The first five categories carry a *5 multiplier.

Risk categories, in column order:
C1 Reduce Susceptibility to Internal Attack (*5)
C2 Reduce Susceptibility to External Attack (*5)
C3 Improve Visibility Into Network (*5)
C4 Meet/Exceed Audit/Regulatory Requirement (*5)
C5 Decrease Potential Damage to Reputation (*5)
C6 Improve Metrics Capabilities
C7 Improve Change Management
C8 Improve Monitoring & Response
C9 Improve Policy Enforcement
C10 Decrease Risk of Theft or Loss
C11 Improve Data Confidentiality
C12 Improve Data Integrity
C13 Improve Data Availability

Technology | C1 | C2 | C3 | C4 | C5 | C6 | C7 | C8 | C9 | C10 | C11 | C12 | C13 | Total
Firewall Re-Architecture | 50 | 50 | 25 | 15 | 50 | 5 | 1 | 10 | 10 | 7 | 1 | 1 | 5 | 230
NBAD | 50 | 50 | 45 | 15 | 50 | 5 | 1 | 10 | 5 | 7 | 3 | 3 | 1 | 245
Layer 7 Packet Inspection | 50 | 50 | 50 | 15 | 50 | 1 | 1 | 7 | 5 | 7 | 1 | 3 | 1 | 241
Strong Authentication | 25 | 50 | 5 | 35 | 25 | 1 | 1 | 1 | 10 | 1 | 5 | 5 | 1 | 165
Identity & Access Management | 15 | 25 | 5 | 35 | 25 | 5 | 1 | 1 | 10 | 5 | 5 | 5 | 1 | 138
Network Access Control | 50 | 50 | 5 | 35 | 35 | 3 | 5 | 5 | 7 | 5 | 5 | 5 | 1 | 211
SSL VPN | 5 | 35 | 5 | 35 | 15 | 1 | 5 | 3 | 5 | 3 | 7 | 5 | 1 | 125
Client Encryption | 15 | 15 | 5 | 25 | 50 | 1 | 1 | 1 | 10 | 10 | 10 | 10 | 1 | 154
Enterprise SSO | 25 | 25 | 5 | 25 | 25 | 5 | 1 | 5 | 7 | 5 | 5 | 5 | 3 | 141
Antivirus/Antispyware | 5 | 5 | 5 | 5 | 5 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 33
Firewall/Host IPS | 15 | 15 | 5 | 15 | 15 | 1 | 1 | 3 | 3 | 3 | 3 | 3 | 1 | 83
Email Encryption & Filtering | 15 | 15 | 5 | 25 | 50 | 1 | 1 | 1 | 10 | 10 | 10 | 10 | 1 | 154
Web Filtering | 15 | 15 | 15 | 15 | 15 | 5 | 1 | 5 | 3 | 3 | 3 | 3 | 1 | 99
Information Leak Protection | 25 | 25 | 15 | 35 | 35 | 3 | 3 | 5 | 5 | 7 | 7 | 7 | 3 | 175
Digital Investigation & Forensics | 5 | 5 | 15 | 35 | 25 | 3 | 1 | 5 | 7 | 1 | 1 | 1 | 1 | 105
SIM/SIEM | 15 | 15 | 35 | 25 | 25 | 7 | 5 | 7 | 5 | 3 | 3 | 3 | 3 | 151
Database Encryption | 35 | 35 | 5 | 50 | 50 | 1 | 1 | 1 | 1 | 7 | 7 | 7 | 1 | 201
Database Monitoring | 25 | 25 | 5 | 35 | 25 | 5 | 10 | 7 | 1 | 5 | 5 | 5 | 5 | 158
IDS | 50 | 50 | 35 | 35 | 35 | 3 | 1 | 10 | 3 | 10 | 5 | 3 | 7 | 247
Remote Access VPN | 5 | 5 | 5 | 5 | 5 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 33
Storage Security | 15 | 15 | 15 | 35 | 50 | 3 | 1 | 1 | 7 | 10 | 10 | 10 | 3 | 175
Endpoint Configuration Management | 15 | 15 | 15 | 15 | 15 | 1 | 5 | 5 | 5 | 5 | 3 | 3 | 1 | 103
Vulnerability Management | 50 | 50 | 15 | 35 | 35 | 3 | 1 | 7 | 7 | 7 | 5 | 5 | 5 | 225
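Added example, not from the deck or from WCMC's own tooling: a Python model of the scoring method the slides describe. It takes the raw 1-10 scores and the x5/x5/x3 multipliers from the three-column Scoring slide, weights, sums and ranks them, computes the change between two assessment dates and the average/median reference values used on the later charts, and checks a Showcase Risk row's stated total against the sum of its columns. Function and variable names are my own.

```python
"""Weighted risk scorecard as the deck describes it: each security solution is
scored 1-10 per risk category (1 = no effect, 5 = indirect, 10 = direct and
significant), multiplied by the category's multiplier, summed and ranked."""
from statistics import mean, median

# Categories and multipliers from the three-column "Scoring" slide (x5, x5, x3).
CATEGORIES = {
    "Reduce Susceptibility to Internal Attack": 5,
    "Improve Policy Enforcement": 5,
    "Improve Visibility Into Network": 3,
}

# Raw 1-10 scores for the five solutions shown on that slide.
RAW_SCORES = {
    "Intrusion Prevention": (10, 5, 3),
    "Network Access Control": (10, 10, 5),
    "Client Encryption": (7, 10, 1),
    "Data Classification": (7, 10, 7),
    "Awareness Training": (7, 10, 1),
}

def weighted_row(raw, categories=CATEGORIES):
    """Apply each category's multiplier to its raw score; reject bad input."""
    weights = list(categories.values())
    if len(raw) != len(weights):
        raise ValueError("one raw score per category expected")
    if any(not 1 <= s <= 10 for s in raw):
        raise ValueError("scores must be on the 1-10 scale")
    return [s * w for s, w in zip(raw, weights)]

def score_solutions(raw_scores, categories=CATEGORIES):
    """Weighted total per solution over the categories given."""
    return {name: sum(weighted_row(raw, categories))
            for name, raw in raw_scores.items()}

def rank(totals):
    """Highest total first (ties broken by name), the order of the bar chart."""
    return sorted(totals, key=lambda n: (-totals[n], n))

def trend(previous, current):
    """Change per solution between two assessment dates (the 10/1/2006 vs
    10/1/2007 comparison); a solution new in 'current' starts from 0."""
    return {n: current[n] - previous.get(n, 0) for n in current}

def summary(totals):
    """Average and median, the reference lines on the funding-request charts."""
    vals = list(totals.values())
    return {"average": mean(vals), "median": median(vals)}

def check_scorecard_row(line, n_categories=13):
    """Parse a Showcase Risk row ('<name> c1 .. c13 total') and confirm the
    stated total equals the sum of the category columns."""
    parts = line.split()
    nums = [int(p) for p in parts[-(n_categories + 1):]]
    name = " ".join(parts[:-(n_categories + 1)])
    return name, sum(nums[:-1]), nums[-1], sum(nums[:-1]) == nums[-1]
```

Feeding every row of the Showcase Risk table through check_scorecard_row is a cheap way to catch a transcription error before a total is quoted in a budget request.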

The Risk Scorecard

(Bar chart of the Total column, technologies listed from IDS, NBAD and Layer 7 Packet Inspection at the top down to Firewall/Host IPS, Remote Access VPN and Antivirus/Antispyware at the bottom; score axis -150 to 250.)

Page 19: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


The Risk Scorecard

(The same technology bar chart, repeated; score axis -150 to 250.)

Page 20: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


The Risk Scorecard

(Chart annotated with: SourceFire + RNA, Arbor Peakflow X, Nexpose Vulnerability Scanner.)

Page 21: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


The Risk Scorecard

(Bar chart comparing Technology Scores 10/1/2006 with Technology Scores 10/1/2007 for each technology, IPS included; score axis 0 to 400.)

Page 22: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Measure Process

Project | Cost | Time
SourceFire & Arbor Peakflow X | $150,000 | 1250 Hrs
Side Effects (of IDS & NBAD) | $0.00 | 100 Hrs
Nexpose Vulnerability Scanner | $25,000 | 1000 Hrs

Page 23: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Process Risk Scorecard

(Bar chart comparing Process Scores 10/1/2006 with Process Scores 10/1/2007; score axis -50 to 350. Processes plotted: Audit & Risk Management Framework, Policy Creation, Data Classification, Awareness Training, Incident Response Plan, Threat Research, Vulnerability Management, Risk Assessment, BC Planning, BC Testing, Information Risk Prioritization, Event Analysis, Security Testing, System Access Control, Application Access Control, Log Management, Architecture Review, Risk Impact Analysis, Physical & Environmental Security, Information Risk Handling, Information Risk Tracking, Security Procedure Creation/Implementation, Forensics, Facilities Access Control, Change Management, Compliance Research, BC Training, Policy Compliance.)

Page 24: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


(Two bar charts, FY 2009 and FY 2010, plotting selected technologies and processes against the Average Score and Median Score: Policy Compliance, Security Procedure Creation/Implementation, IPS, Network Access Control, Data Classification, Awareness Training, Client Encryption, Audit & Risk Management Framework, Layer 7 Packet Inspection, Strong Authentication, Risk Assessment, Identity & Access Management, BC Planning, BC Testing, Database Encryption, Information Risk Prioritization; score axes 0 to 400 and -50 to 350.)

Page 25: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Funding Request

Page 26: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Observations

Page 27: Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends (166366402)


Conclusions

Technology | Total
Intrusion Prevention | 262
Network Access Control | 259
Client Encryption | 240
Layer 7 Packet Inspection | 234
Strong Authentication | 214
Identity & Access Management | 206
Database Encryption | 201
Web Filtering | 195
Information Leak Protection | 175

(Summary montage of the earlier charts: The Risk Scorecard with its annotations Sourcefire, Arbor, Side Effect and Nexpose; the Process Risk Scorecard; and the FY 2009 and FY 2010 funding charts with Average Score and Median Score.)

Risk Management Portfolio: Add Value / Measure Performance