Novel Approaches to Developing Governance, Risk, and Compliance Programs

Legislative requirements are accumulating as rapidly as sophisticated threats to institutional data. How does an institution develop a strategic response that incorporates all necessary requirements? Georgia State University, PWC, and Oracle are working toward an "enterprise " approach that cuts across silos and views risks as the responsibility of both IT and the entire institution. The desired single, unified solution will ensure compliance to federal and state statutory and regulatory policy obligations and will focus people on the costs and consequences of noncompliance to physical and cybersecurity obligations, which will aid with compliance to existing and future regulatory requirements.