This research bulletin uses data derived from the Core Data Service 2015 module on IT Organization, Staffing, and Financing to examine the current state of governance, risk, and compliance (GRC) activities in higher education. Using a graphic-based format, this bulletin addresses the current state of GRC activities, specifically addressing organizational responsibility for IT functions, the types of IT policies in place, and the institutional capacity to provide risk management. The bulletin is based on responses from U.S. institutions with a Carnegie class of AA, BA, MA, or DR.
Citation for this Work: Grama, Joanna L., and Leah Lang. CDS Spotlight: Governance, Risk, and Compliance. Research bulletin. Louisville, CO: ECAR, January 12, 2017.