ERM and GRC for Managing Cybersecurity Risks: All Hands on Deck

Wednesday, April 11 | 9:15AM–10:15AM ET | Maryland Ballroom F, Fifth Floor
Session Type: Breakout Session
Delivery Format: Interactive Presentation
Enterprise risk management (ERM) and governance, risk, and compliance (GRC) are effective frameworks for managing cybersecurity risks. ERM and GRC combine as an integrative approach that is important to an organization's strategic processes and operations. Cybersecurity must be viewed as a strategic risk in order for an information security program to be successful. ERM and GRC programs require that "all hands are on deck" to manage risks, including cybersecurity risks.

Outcomes: Learn how ERM, GRC, and cybersecurity programs are strategically linked and how ERM and GRC can strengthen cybersecurity risk assessment and a cybersecurity program * Explore what institutions are doing with respect to ERM, GRC, and cybersecurity through polling and information sharing * Discover the treasure trove of resources on the EDUCAUSE Cybersecurity website


  • Peter Murray

    Senior Vice President for Information Technology and Chief Information Officer, University of Maryland, Baltimore
  • Roger Ward

    Senior Vice President, University of Maryland, Baltimore

Resources & Downloads

  • Promoting Enterprise Risk Management ERM and Governance Risk and Compliance GRC for Managing Cybersecurity Risks

    5 MB, pptx - Updated on 1/25/2024