The Here and Now of Higher Ed IT Governance, Risk, and Compliance Efforts Jacqueline Bichsel, PhD Senior Research Analyst EDUCAUSE AIRI, May 8, 2014.

Slides:

Advertisements

Similar presentations

The PRR: Linking Assessment, Planning & Budgeting PRR Workshop – April 4, 2013 Barbara Samuel Loftus, Ph.D. Misericordia University.

Advertisements

. . . a step-by-step guide to world-class internal auditing

Course: e-Governance Project Lifecycle Day 1

Strategic Planning An Overview. General Definition The process of strategic planning involves deciding where you want to go, how you want to be positioned,

Steve Meier. What is Strategic Planning Determines Where an organization is going over the next year or more, How it's going to get there How it'll know.

April 6, 2011 DRAFT Educator Evaluation Project. Teacher Education and Licensure DRAFT The ultimate goal of all educator evaluation should be… TO IMPROVE.

DOT Office of Inspector General Audit of DOT’s Office of the Secretary’s Acquisition Function Federal Audit Executive Council Procurement Training Conference.

A Commitment to Excellence: SUNY Cortland Update on Strategic Planning.

Facilities Management 2013 Manager Enrichment Program U.Va.’s Strategic Planning Initiatives Colette Sheehy Vice President for Management and Budget December.

May 16, 2014 Analytics Short Discussion. ECAR Analytics Maturity Index Source: ECAR Analytics Maturity Index, 2012.

Community Health Assessments: Requirements and Models April 25, 2013 Gianfranco Pezzino Senior Fellow Kansas Health Institute.

SEM Planning Model.

1 LBNL Enterprise Computing (EC) January 2003 LBNL Enterprise Computing.

1 Structural Supports Susan Besio, Ph.D. Director of Planning Vermont Agency of Human Services.

The 5 Characteristics Successful Nonprofits Have in Common

American University of Beirut1 AMERICAN UNIVERSITY OF BEIRUT Role of Quality in Strategic Planning.

Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.

BUSINESS & HUMAN RIGHTS UniCredit on its sustainability path: understanding and managing the financial sector’s responsibilities in terms of human rights”

UGA’S STRATEGIC PLANNING DASHBOARD Allan Aycock Director for Assessment and Accreditation Shweta Doshi Business Intelligence Application Analyst 1.

Enterprise Risk Management (ERM) Minnesota Department of Transportation Enterprise Risk Management (ERM) Minnesota Department of Transportation TRB International.

The Aarhus & Espoo Conventions Making implementation work for stakeholders.

Stages of Commitment to Change: Leading Institutional Engagement Lorilee R. Sandmann, University of Georgia Jeri Childers, Virginia Tech National Outreach.

Advising Strategic Plan University of Cincinnati August 10,2015.

Do it pro bono. Strategic Scorecard Service Grant The Strategy Management Practice is presented by Wells Fargo. The design of the Strategic Scorecard Service.

FHWA Reorganization Update Program Performance Management Standing Committee on Performance Management Meeting Detroit, MI October 14, 2011 Peter Stephanos.

2004 National Oral Health Conference Strategic Planning for Oral Health Programs B.J. Tatro, MSSW, PhD B.J. Tatro Consulting Scottsdale, Arizona.

EVALUATION Evaluation of UNDP Assistance to Conflict-affected Countries UNDP Executive Board Informal Session 4 January 2007.

Role of the Board of Directors

Supreme Audit Office of the Slovak Republic, Chair of the CBC Sub-Committee Promote Peer Reviews.

A Framework for Building an Early Learning System in Walla Walla October 16, 2008.

EDUCAUSE 2014 Top Ten IT Issues. Today’s Agenda Introduction to EDUCAUSE IT Issues History & Methodology 2014 Top Ten IT Issues Selected Issues Reviewed.

WHAT IS IT? Balanced Scorecard A framework that sets visual strategies for the co-workers to translate them into actions to improve the main perspectives.

It’s Not How Big it is – It’s How You Use it! Peter Andrews Business Support Manager Royal Borough of Windsor & Maidenhead.

1 Seminar on 2008 SNA Implementation June 2010, Saint John’s, Antigua and Barbuda GULAB SINGH UN Statistics Division Diagnostic Framework: National.

IT Governance Review Presentation to SAAG – January 11 th, 2011.

1 Research Study of Internal Review Processes for the New SACS Principles of Accreditation Ms. Phuong T. T. Nguyen, Dr. Diane E. Oliver, & Dr. T. Gilmour.

ANALYTICS IN HIGHER EDUCATION: PROGRESS AND PROMISE July 2012 Susan Grajek, PhD Vice President, EDUCAUSE.

Distinguished Educator Initiative. 2 Mission Statement The Mission of the Distinguished Educator is to build capacity in school districts to enable students.

Meeting the ‘Great Divide’: Establishing a Unified Culture for Planning and Assessment Cathy A. Fleuriet Ana Lisa Garza Presented at the 2006 Conference.

Using OMB Section 508 reporting in addressing your agency's program maturity. How to Measure Your Agency's 508 Program.

CINAPTUS Technology Consulting Strategic Alignment Lecture 2.

Proventures reconnect session on Project Portfolio Management (PPM)

The new Culture Club: building resilience from within Jacinthe A Galpin, Chief Risk & Audit Officer, Department of Justice & Regulation.

Kathy Corbiere Service Delivery and Performance Commission

NEASC SITE VISIT SEPTEMBER 30-OCTOBER 3, Standards of Accreditation 4 standards of Teaching and Learning 1- Mission and Expectations for Student.

Part I Educational Technology1 INTRODUCING THE STANDARDS TOOLKIT (Educational Technology) Performance Indicator Progression Scope and Sequence Instructional.

Mission Values Broad Policy Framework Strategic Policies Strategic Plan Annual Budget Action Plans To develop the whole person as a responsible learner.

DAY 1: OVERVIEW The nature of internal auditing

Evaluating Our Assessment Program Spring 2004 What is assessment? Assessment is the ongoing process of understanding and improving student learning.

About District Accreditation Mrs. Sanchez & Mrs. Bethell Rickards Middle School

33 3. IS Planning Issues Scope of IS planning Barriers in IS planning Overview of IS planning Inputs to IS planning Process of IS planning Outputs from.

The University of Toledo Finance and Audit Committee Meeting “Internal Audit and Compliance Update” September 21, 2015.

National Center for Homeless Education State Coordinators Meeting 2016.

CAREER AND SKILLS TRAINING STRATEGIC FRAMEWORK Planning is key to success.

Don’t Plan to Fail so Start Strategically Planning Justin Camputaro Director of Student Centers and Activities Virginia Tech

Information Sharing for Integrated Care A 5 Step Blueprint.

Board Assessment Governing Board Online Training Module.

1 Patricia Alafaireet, PhD  After completing this section of the course, students will be able to Understand the role and value of committed organizational.

Enterprise Architecture Sunil V. Rajan 20 th November 2008.

Introduction to Enterprise Risk Management (“ERM”)

Establish and Identify Processes  Identify and establish current state:  Roles and responsibilities  Processes and procedures  Operational performance.

JMFIP Financial Management Conference

Principles of Good Governance

Promoting Evidence-Based Policymaking by Sharing State Administrative Data Dr. Marty Romitti January 25, 2017.

E-commerce Strategy Ing. Athanasios Podaras, Ph.D Faculty of Economics

IT Governance is …… ‘an integral part of enterprise governance and consists of the leadership and organizational structures and processes that ensure that.

Massachusetts Department of Higher Education Boston, Massachusetts

التخطيط الإستراتيجي والتميز الإدارى للقيادات الجامعية

GAO’s Approach to Assessing an Organization’s Investment Maturity:

The new Culture Club: building resilience from within

Presentation transcript:

The Here and Now of Higher Ed IT Governance, Risk, and Compliance Efforts Jacqueline Bichsel, PhD Senior Research Analyst EDUCAUSE AIRI, May 8, 2014

EDUCAUSE Center for Analysis and Research (ECAR) IT GRC Survey 246 member institutions

The Current Landscape

Risk Management

Most allow the risk management lead a moderate to broad scope of authority.

Compliance

Compliance lead allowed a very broad scope of authority.

Governance

Scope of the IT Governance Body

The IT Risk Environment

Balance between risk control and functionality/openness.

Specific Risks

81% of institutions do not include IT risk in their institution’s strategic plan

Units Managing IT Risk

Frameworks Used in IT Risk Management 2 out of 3 institutions use at least one framework

The IT Compliance Environment

IT Compliance Issues

The IT Governance Environment

Those with an ITGB are more likely to:  Involve other departments in decision-making  Influence leadership  Formulate binding policy  Guide IT risk management  Have a clear IT vision, mission, or strategy

Frameworks Used in IT Governance 1 out of 3 institutions uses at least one framework

Maturity in Risk Management

ECAR Maturity Indices  Provide starting point for institutions to assess strengths and weaknesses  Allow comparisons across the institution to benchmark progress across time or departments  Allow comparisons inter-institutionally to provide peer comparisons

Risk Management Maturity

Communication/End-User Management  Communication about IT risk throughout the organization  Management of end-user activities

Acceptance  lack of resistance of faculty, staff, and administration to risk management efforts

Risk Assessment/Management  Identifying, tracking, prioritizing, and reporting risks  Implementing policies and controls  Involvement of leadership

Investment  adequate investment in risk management staff and services

More mature institutions…  Have a formal risk management program (enterprise or IT)  Allow the risk management lead a broad scope of authority  Use a framework (any framework) for RM  Are more effective in addressing specific IT risks

More mature institutions ALSO…  Invest more in IT compliance  Are better at reviewing and updating IT compliance practices  Have less difficulty addressing compliance rules and laws  Have better support from leadership and faculty in IT governance issues  Have better IT governance in every respect

Thank you, AIRI! Jacqueline Bichsel For more information on EDUCAUSE: For more information on ECAR: