Main Nav

Joanna Lyn Grama (EDUCAUSE)

Joanna Lyn Grama
Director of DRA Operations, IT GRC & Cybersecurity Programs

West Lafayette, Indiana

Membership Information



Joanna Lyn Grama, JD, CISSP, CIPP/IT, CRISC, directs the EDUCAUSE Cybersecurity Initiative and the IT GRC (governance, risk, and compliance) program. In addition, as the Director of DRA Operations, Joanna manages the full spectrum of DRA research projects and activities and ensures that EDUCAUSE research and operational teams collaborate effectively to meet subscriber and member needs.

Joanna has higher education information technology experience and previously held the position of Information Security Policy and Compliance Director at Purdue University. Joanna has expertise in IT security policy, compliance, and governance activities, as well as data privacy. Joanna is a member of the Information Systems Audit and Control Association (ISACA); the International Association for Privacy Professionals (IAPP); the American Bar Association, Section of Science and Technology Law, Information Security Committee; and the Indiana State Bar Association. Joanna is a member of the U.S. Department of Homeland Security's Data Privacy and Integrity Advisory Committee (appointed to Committee by Secretary Janet Napolitano) and serves as the chairperson of its technology subcommittee.

Joanna graduated from the University of Illinois College of Law with honors. She is a frequent speaker on a variety of IT security topics, including identity theft, personal information security, and university information security compliance issues. She is also the author of the textbook, LEGAL ISSUES IN INFORMATION SECURITY (2 ed, published July 2014).

Connect on LinkedIn:

Follow on Twitter: @runforserenity

EDUCAUSE Involvement

  • Security Professionals Conference 2016 Program Committee
    Staff Liaison , 2015 - 2016


EDUCAUSE Center for Analysis and Research (ECAR)
June 2015