Enterprise Risk Management (ERM) gained a foothold in higher education during the first decade of the 21st century. College and university governing board members came to their board service with the perspective and experience of having served on corporate boards and in corporate leadership positions where ERM was in active use. Trustees asked…

Governance, risk, and compliance (GRC) issues are increasingly pervading the IT space, with these concepts transcending silos such as central and distributed IT units, information security, and service management. As campus investment in information technology and campus reliance on information systems have grown, so has the need for reliable…

Why is Information Privacy the focus of the January-February 2013 issue of "EDUCAUSE Review" and "EDUCAUSE Review Online"? Results from the 2012 annual survey of the International Association of Privacy Professionals (IAPP) indicate that "meeting regulatory compliance requirements continues to be the top perceived driver…

In 2013, compliance issues march, unceasingly, through every aspect of higher education. Yet the intricacies of privacy, information security, data governance, and IT policy as compliance and risk areas within the IT organization can reverberate and impact every other department within the higher education institution. The primary focus is always…

The sourcing of IT systems and services takes many shapes in higher education. Campus central IT organizations are increasingly responsible for the administration of enterprise systems and for the consolidation of operations into a single data center. Specialized academic and administrative systems may be run by local IT departments. In addition,…

Higher education today is facing its own financial challenge. Conditions are grim nationwide. The fiscal climate exacerbates the pressure on colleges and universities to provide more resources and services--with less funding. For information technology (IT) professionals, the economic downturn presents an opportunity to stop, reprioritize, and…

The role of the Chief Information Officer (CIO), one of the newer positions in higher education senior leadership, continues to transform and evolve, often heading in surprising directions. Not only are the technologies changing at a dizzying pace, but it often feels as if the role itself, as well as what institutions need and expect from the CIO,…

Increasingly, IT organizations will move from providing IT services locally to becoming an integrator of IT services--some provided locally and others provided outside the institution. As a result, institutions must immediately begin to plan for shared services and must understand the essential role that identity management and trust services play…

Seeing an institution's name in the headlines for a security breach may be among a CIO's-- and a president's--worst nightmares. Whether the breached data involves social security numbers, credit card accounts, clinical records, or research, this is bad news. Federal agencies that provide research funding may lose confidence in data integrity,…