Abstract
This bulletin examines how higher education is coping with managing information technology security from the policy perspective. It focuses particular attention on policy processes and programs that address the tensions between preserving confidentiality, ensuring data integrity, and maintaining an academic environment in which information is easily available to authorized users.