HEISC Governance, Risk, and Compliance Working Group

The Governance, Risk, and Compliance (GRC) Working Group provides resources and thought leadership around information security topics pertaining to governance, risk, privacy, policies, legal issues, and compliance. Their purpose is to identify, develop, and promote resources to help higher education institutions incorporate information security into the enterprise governance processes, implement information security risk management processes, and understand the implications of existing and proposed laws and industry standards on institutional policies and compliance. GRC members meet on the third Thursday each month (3-4 pm ET). New volunteers are welcome!

Richard Addiscott

Director IT Planning, Governance and Security
Bentley, WA(AUS)
AUSTRALIA
Committee Term: 2016 - 2019
Chief Information Officer
Valparaiso, Indiana
UNITED STATES
Committee Term: 2016
Peter J. Angelos
Director of Technology, College of Liberal Arts
Duluth, Minnesota
UNITED STATES
Committee Term: 2016

Suresh Balakrishnan (Ex Officio)

Suresh Balakrishnan
Asst. Vice Chancellor and Deputy CIO
Adelphi, Maryland
UNITED STATES
Committee Term: 2014
Silvio Balzano
Director, IT Risk and Data Integrity
Bronx, New York
UNITED STATES
Committee Term: 2011
Tracey L. Choulat
Director of Information and Instructional Technology
Gainesville, Florida
UNITED STATES
Committee Term: 2015

Matthew Dalton (Chair)

Chief Information Security Officer
Amherst, Massachusetts
UNITED STATES
Committee Term: 2010

Michael S. Davie

Manager of Information Security Architecture
Glassboro, New Jersey
UNITED STATES
Committee Term: 2015
David Escalante
Director of Computer Policy & Security
Chestnut Hill, Massachusetts
UNITED STATES
Committee Term: 2009
Associate Director, Research Data Security
Durham, North Carolina
UNITED STATES
Committee Term: 2015

Joanna Lyn Grama (Staff Liaison)

Joanna Lyn Grama
Director of Cybersecurity and IT GRC Programs
3335 Crawford St.
West Lafayette, Indiana
UNITED STATES
(720) 406-6769
Committee Term: 2013
Data Security Administrator, IT HIPAA Security Officer
Big Rapids, Michigan
UNITED STATES
Committee Term: 2014
Professor
Philadelphia, Pennsylvania
UNITED STATES
Committee Term: 2016 - 2019
Assistant Director, Security & Compliance
Raleigh, North Carolina
UNITED STATES
Committee Term: 2016
Chief Information Security Officer
Washington, District of Columbia
UNITED STATES
Committee Term: 2013
Brian Markham
Director, Compliance and Risk
Ashburn, Virginia
UNITED STATES
Committee Term: 2015
Zachery Mitcham
Chief Information Security and Compliance Officer
Durham, North Carolina
UNITED STATES
Committee Term: 2017

Tracy Mitrano (Ex Officio)

Tracy Mitrano
Academic Dean of University of Massachusetts Cyber Security Certificate Programs
Ithaca, New York
UNITED STATES
Committee Term: 2009

Craig Munson

Information Security Manager
St. Paul, Minnesota
UNITED STATES
Committee Term: 2016

Kelley W. Powell

CCO
Richmond, Virginia
UNITED STATES
Committee Term: 2009
Jane Rosenthal
Director, Compliance & Policy
Golden, Colorado
UNITED STATES
Committee Term: 2015
Chief Information Security Officer
Indianapolis, Indiana
UNITED STATES
Committee Term: 2015
Theresa Semmens
Chief Information Security Officer
Fargo, North Dakota
UNITED STATES
Committee Term: 2015
Todd Spahr
Information Security Officer
Towson, Maryland
UNITED STATES
Committee Term: 2016

Adam Vedra (Chair)

Assoc. Director of IT & Information Security Officer
Grand Rapids, Michigan
UNITED STATES
Committee Term: 2011
Stephen A. Vieira
Chief Information Officer
Nashville, Tennessee
UNITED STATES
Committee Term: 2009

Valerie M. Vogel (Staff Liaison)

Valerie M. Vogel
Program Manager
1150 18th Street, NW, Suite 900
Washington, District of Columbia
UNITED STATES
(202) 331-5374
Committee Term: 2009
Cheryl Washington
Chief Information Security Officer
Davis, California
UNITED STATES
Committee Term: 2009
Andrew Weisskopf
Chief Information Security Officer
Binghamton, New York
UNITED STATES
Committee Term: 2015

Committee information is provided as a service for our members. It is not to be used for commercial gain, either by members or nonmembers. EDUCAUSE maintains open access to this information with the understanding that it will not be abused. We appreciate your help in using this information properly so that we don't have to limit its availability. If you have any questions about the use of this information, please contact info@educause.edu.