IT Governance, Risk, and Compliance Program

The EDUCAUSE IT GRC program provides resources that help you define and implement IT governance, risk, and compliance (GRC) activities on your campus.

GRC issues increasingly pervade higher education information technology. As institutional investment in IT and reliance on information systems have grown, so has the need for reliable structures and measures to ensure success and minimize failure.

IT GRC programs develop a framework for the leadership, organization, and operation of an institution's IT programs. This framework can be used by IT staff to ensure that their programs support and enable the institution's strategic objectives.

Member working groups and representatives from complementary organizations advise EDUCAUSE in the development of best practices, toolkits, and case studies.
An ECAR research study benchmarks how higher education institutions are approaching IT GRC practices. (pictured, right: a snapshot of the ECAR IT GRC infographic)
A community group provides a forum for IT GRC topics.
Additional resources from NACUA have been made available to EDUCAUSE members through the organizations' collaboration on IT GRC.

Resources

IT Risk Register, a sortable checklist that identifies common strategic IT risks and catalogues those risks according to common risk types and IT domains
Digital Capabilities in Higher Education 2016 IT Governance Risk and Compliance
IT Governance Toolkit, resources to help you design a framework for IT governance at your institution
Higher Education IT Governance Checklist
Risk Management Basics, a quick overview of the three basic steps of risk management: identify and assess, monitor, and response
Thinking about IT Risk Strategically, IT leaders at two institutions explain how they use the risk register to couch risks in terms of their impact on an institution's mission or goals
Resources to help you define and implement campus IT GRC activities:
EDUCAUSE Library resources:
NACUA Resources (complimentary for EDUCAUSE members):
- Developing a Comprehensive Privacy Program: A Step-by-Step Guide
- New Year, New Challenges: Preparing Your Campus for Data Privacy and Security Issues in the Year Ahead

Quick Links

Community Group

The community group provides a forum for IT GRC topics. Join Now >

IT GRC Research

How do we balance risk and compliance issues with the open environment of an academic institution? ECAR answers this question and others in a recent research study. Learn More >

Higher Education Compliance Alliance

This partnership of 20 national associations aggregates compliance news and resources from EDUCAUSE and other participating associations, government agencies, and relevant websites. The Higher Education Compliance Alliance website is designed to be a continuously updated resource for administrators and others on campus seeking to understand their compliance obligations.

Contact Us

We invite you to contribute to the higher education IT GRC body of knowledge. Contact Us >