A Case Study: Successful Convergence of GRC and Awareness

Thursday, April 12 | 9:15AM–10:15AM ET | Maryland Ballroom F, Fifth Floor
Session Type: Breakout Session
Delivery Format: Interactive Presentation
Governance, risk, and privacy of information are all critical aspects to consider when engaging with third-party vendors. As security, risk, and privacy professionals, we are challenged daily to vet the breadth and depth of these vendors security programs, their affiliations with subcontractors, and their associated controls. The presenter will share one such experience, where, as a result of achieving that sweet spot where governance, risk, privacy, and awareness converged, a likely incident was prevented.

Outcomes: Understand how the convergence of governance, risk, privacy, and awareness will assist in preventing incidents at your university * Understand why it's everyone's responsibility to be "security aware" and spread awareness * Identify parties to be included when reviewing third-party vendor agreements and related projects


  • Neal Fisch

  • Asha Ramachandra

    Director of IT Strategy, California State University, Channel Islands