The University of Alaska is a statewide system. We began a system-wide IT governance process for information technology four years ago. On a five-point scale, we would rate the maturity level as a two. The IT governance structure allows the university to address security initiatives on a system rather than on an individual campus, department, or silo level. The presentation will discuss the process for setting up IT governance and how it applies to security. Operational aspects of IT security at University of Alaska will also be touched on.