Getting Your Ducks in a Row: IT Governance, Risk, and Compliance Programs in Higher Education

Published:: Thursday, March 6, 2014
: Briefs, Case Studies, Papers, Reports

Author(s) and Contributors:: Author(s): Patrick Feehan Jackie Bichsel

Source(s) and Collection(s):: Sources(s): EDUCAUSE Research Collection(s): Research Report

ParentTopics:: Compliance IT Governance Risk Management Security Risk Management

Abstract

Higher education IT governance, risk, and compliance (GRC) programs are in the development stage. Few institutions have all three programs in place, and many institutions are unclear where they should start when instituting or maturing their IT GRC programs. In addition, they are often uncertain as to whether GRC programs should be developed in parallel or separately.

This 2014 ECAR study of IT GRC describes the current landscape of IT GRC programs in higher education; identifies aspects of the IT GRC environment that will aid CIOs, CISOs, and other leads to make decisions about IT GRC initiatives; and outlines steps institutions can take to become more mature in their IT GRC programs.

Download Resources

Download PDF
Report
Access HTML
Hub