Presentation is loading. Please wait.

Presentation is loading. Please wait.

Governance, Risk, and Compliance Systems in Higher Education

Published byChrister Fransson Modified over 6 years ago

Similar presentations

Presentation on theme: "Governance, Risk, and Compliance Systems in Higher Education"— Presentation transcript:

1 Governance, Risk, and Compliance Systems in Higher Education
Sarah D. Morrow, Moderator Chief Privacy Officer, The Pennsylvania State University Merri Beth Lavagnino Chief Privacy Officer and Compliance Coordinator, Indiana University Jennifer A. Stewart Privacy Coordinator, The Pennsylvania State University Cheryl Washington Chief Information Security and Privacy Officer, University of California Office of the President

2 What is a Governance, Risk, and Compliance (GRC) system?
An integrated application that helps automate: managing the policy development, dissemination and attestation process; tracking requirements of law, regulations, standards, and frameworks such as ISO and NIST; monitoring and ensuring compliance obligations are met, such as those required by PCI DSS, GLBA, and HIPAA; issuing surveys to business units to check themselves against those requirements to find gaps; doing risk assessment exercises and treating risk factors, especially against the gaps found; tracking mitigation activities taken to reduce those risks; automating incident or issue tracking to ensure each is logged, tracked, routed to the right person, completed, etc.; and often much, much more!

3

4 Panel Discussion Institutional Sponsor Vendor Search Process
Pre-purchase Considerations Functionality Essentials Planning Phase Production Roll-out

5

6

7

8

9

10

11

12 Contact Information Sarah D. Morrow | …………………………………… Merri Beth Lavagnino | Jennifer A. Stewart | Cheryl Washington

13 THANK YOU

Download ppt "Governance, Risk, and Compliance Systems in Higher Education"

Similar presentations

Developing a Risk-Based Information Security Program

Developing a Risk-Based Information Security Program
G R C The Science of Compliance ® ®. Craig Isaacs CEO, Unified Compliance Framework The world's largest and most reviewed legal framework. 2.

G R C The Science of Compliance ® ®. Craig Isaacs CEO, Unified Compliance Framework The world's largest and most reviewed legal framework. 2.
Neighborhood Watch: University Compliance Developments related to Research Susan Rafferty, Interim Director Office of Institutional Compliance.

Neighborhood Watch: University Compliance Developments related to Research Susan Rafferty, Interim Director Office of Institutional Compliance.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
Measuring Compliance with Tenable Security Center Joe Zurba | HUIT IT Summit May 23, 2013.

Measuring Compliance with Tenable Security Center Joe Zurba | HUIT IT Summit May 23, 2013.
Bill McClanahan – Principal Business Consultant LPS Integration.

Bill McClanahan – Principal Business Consultant LPS Integration.
Information & Communication Technologies 08 2014 NMSU All About Discovery! Risk-Based Information Security Program at NMSU presented by Norma Grijalva.

Information & Communication Technologies NMSU All About Discovery! Risk-Based Information Security Program at NMSU presented by Norma Grijalva.
Security Controls – What Works

Security Controls – What Works
Is IT Compliance A Profession? A Workshop on Refining Our Common Body of Knowledge, Skills and Ethics Peter T. Davis Principal Peter Davis+Associates.

Is IT Compliance A Profession? A Workshop on Refining Our Common Body of Knowledge, Skills and Ethics Peter T. Davis Principal Peter Davis+Associates.
Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.

Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.
Information & Communication Technologies 08 2014 NMSU All About Discovery! Risk-Based Information Security Program at NMSU presented by Norma Grijalva.

Information & Communication Technologies NMSU All About Discovery! Risk-Based Information Security Program at NMSU presented by Norma Grijalva.
Author:Prof.Dr.Tomas Ganiron Jr1 CHAPTER 7 PROJECT EXECUTION, MONITOR & CONTROL PROCESS 7-1 Project Executing process 7-2What is Project monitor & control.

Author:Prof.Dr.Tomas Ganiron Jr1 CHAPTER 7 PROJECT EXECUTION, MONITOR & CONTROL PROCESS 7-1 Project Executing process 7-2What is Project monitor & control.
Brian Markham Director, DIT Compliance and Risk Services May 1, 2014

Brian Markham Director, DIT Compliance and Risk Services May 1, 2014
Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.

Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.
TELLEFSEN AND COMPANY, L.L.C. SEC Regulation SCI and Automation Review Policy Compliance March 2013 Proprietary and Confidential.

TELLEFSEN AND COMPANY, L.L.C. SEC Regulation SCI and Automation Review Policy Compliance March 2013 Proprietary and Confidential.
Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.
Www.skyboxsecurity.com Skybox® Security Solutions for Symantec CCS Comprehensive IT Governance Risk and Access Compliance Management Skybox Security's.

Skybox® Security Solutions for Symantec CCS Comprehensive IT Governance Risk and Access Compliance Management Skybox Security's.
The Scales of Justice Balancing Policy and Law Against Expectations in Real-Life Computer Abuse Cases.

The Scales of Justice Balancing Policy and Law Against Expectations in Real-Life Computer Abuse Cases.
Staff Structure Support HCCA Special Interest Group 1-28-03 New Regulations: A Strategy for Implementation Sharon Schmid Vice President, Compliance and.

Staff Structure Support HCCA Special Interest Group New Regulations: A Strategy for Implementation Sharon Schmid Vice President, Compliance and.
Information Security Update CTC 18 March 2015 Julianne Tolson.

Information Security Update CTC 18 March 2015 Julianne Tolson.

Similar presentations

Ads by Google