Information Technology

Computers and information technology are now an integral part of college and university life. The increased convenience and power of this technology also brings with it a wide range of compliance concerns, from social media and free speech considerations, to data privacy, identity theft, and copyright issues.

Lock = Available only to members of the contributing organization.



Resource Pages


Preparing for GDPR - There's Still Time!

An Introduction to NIST Special Publication 800-171 for Higher Education Institutions

FBI Public Service Announcement on Fraud Schemes Targeting Universities
Federal Bureau of Investigation

Elevating Cybersecurity on the Higher Education Leadership Agenda

Data Spotlight: Governance, Risk, and Compliance Lock

The EDUCAUSE Information Security Almanac 2017 Lock

Searching for a Smoking Gun, Chasing a Silver Bullet: Data Breaches in Higher Education Lock

Navigating Privacy and Data Security in an International Environment Lock

College and University Data Breaches: Regulating Higher Education Cybersecurity Under State and Federal Law Lock
Katie Beaudin, NACUA

The Chief Privacy Officer in Higher Education (2015)

Understanding IT GRC in Higher Education: IT Compliance (2015)

Understanding IT GRC in Higher Education: IT Risk (2015)

Understanding IT GRC in Higher Education: IT Governance (2015)

Cybersecurity in Higher Ed: Searching for a Better Model (2015)

Cloud Strategy for Higher Education: Building a Common Solution (2015)

The Compelling Case for Data Governance (2015)

URMIA University Risk Management and Insurance Association

Federal Laws Relating to Cybersecurity: Overview of Major Issues, Current Laws, and Proposed Legislation
Eric A. Fischer

U.S. Dept. of Education "Dear Colleague" Letter on P2P Copyright Infringement
June 4 2010, U.S. Dept. of Education

Social Media Policy Samples Lock

Employee's Use of Web 2.0: Take this Job and Tweet It
2011, NACUA, Peter Land, Priya Harjani, Youndy Cook

The New Frontiers of Peer-to-Peer Sexual Harassment: Sexting, Cyber-Bullying, and Electronic Harassment
2011, Amy Gajda, Daniel Wilkerson, NACUA

Information Security Program Self-Assessment Tool

The 2013 Cybersecurity Executive Order: Overview and Considerations for Congress
Catherine A. Theohary, Edward C. Liu, Eric A. Fischer, John W. Rollins, Nov 8 2013

MOOCs and the Institution's Duties to Protect Students from Themselves and Others: Brave New World or Much Ado About Nothing?
Christina D. Riggs, Joseph C. Monahan, URMIA

Electronic Signatures in Global and National Commerce Act (ESign): The Consumer Consent Provision
Federal Trade Commission

Minimum Security Requirements for Federal Information and Information Systems
March 2006

Massive Open Online Courses (MOOCs): Intellectual Propoerty and Related Issues
June 2013, Madelyn F. Wessel, Megan W. Pierson, NACUA, Robert R. Terrell

Managing the Risk of Data Breaches and Preparing for Security Audits: Lessons Learned from the Field
Isaac Straley, June 2012, Kyhm Penfil, NACUA, Timothy McCrystal

Employee Privacy Issues in the Social Media World
June 2012, NACUA, Peter Land, Priya Harjani, Youndy Cook

Cybersecurity: Authoritative Reports and Resources, by Topic
Rita Tehan