Governance, Risk, and Compliance Systems in Higher Education

Wednesday, May 16 | 5:00pm - 6:30pm ET | White River Ballroom D
Session Type: SEC12

GRC (governance, risk, and compliance) systems are integrated applications that help automate the policy development and dissemination process; the tracking of requirements of law, regulations, standards, and frameworks such as ISO and NIST; the risk assessment and mitigation process; and many other similar functions. Such systems are new to higher education but have been used in industry for years for both IT GRC and enterprise-wide GRC purposes. Join us as we explain how these systems can be used in higher education. We'll also share the stories of three universities that are actively seeking and implementing GRC systems.


  • Cheryl Washington

    Chief Information Security Officer, University of California, Davis
  • Merri Lavagnino

    Chief Risk Officer, Indiana University
  • Sarah Morrow

    Chief Privacy Officer
  • Jennifer Stewart

    Information Technology and Compliance Trainer, The Pennsylvania State University

Resources & Downloads