Category Archives: IT Risk Management

IT risk management also known as technology risk management is a part of enterprise risk management and deals with the issues and risk associated with information technology systems and services. Areas of discussion include IT risk assessments, IT audit, IT risk mitigation, and IT controls along with IT security and privacy. IT compliance is covered as it relates to HIPAA, HEAOA, P2P, PCI, FERPA, GLBA, Export Controls, ITAR, EAR, FDA, AND Red Flag Rules. Particular attention is applied to vendor risk management and IT outsourcing.

Geotagging and Location Based Services Privacy Concerns

Geotagging and location based services are exploding and universities must address the privacy and security issues in their mobile computing strategies. Additionally, colleges and universities should take deliberate steps to help students and their employees better understand how to manage the … Continue reading

Posted in Privacy | Tagged , , , , , | 1 Comment

Book Review: Information Security Governance Simplified

Information Security Governance Simplified: From the Boardroom to the Keyboard is a perfect guide to developing effective information security at all levels. The experienced and novice information security professional will find Information Security Governance Simplified, by Todd Fitzgerald, to be a valuable resource and … Continue reading

Posted in IT Risk Management, Reviews | Tagged , , , , , | 3 Comments

Case Study: Arkansas State University Privacy Policy and Web Trackers

This is a case study of the Arkansas State University privacy policy and the prevalence of web trackers on ASU websites. Although this case study is specific to Arkansas State University, the approach and tools used along with the findings … Continue reading

Posted in Case Studies, Privacy | Tagged , , , , , , , , | 3 Comments

Tracking the Trackers on College and University Web Sites

Tracking the trackers on college and university web sites is surprisingly easy and something every CIO, CMO  and compliance officer should be able to do. Here I will offer another layer of insights into how users are tracked on your … Continue reading

Posted in Privacy | Tagged , , , , , , , | Comments Off on Tracking the Trackers on College and University Web Sites

Facebook Like Button Violates University Privacy Policy

The Facebook Like button is on so many college or university websites even when the Facebook Like button violates most every college and university privacy policy. I realize your chief marketing officer, foundation director and director of alumni relations love … Continue reading

Posted in Privacy | Tagged , , , , , , | 5 Comments

Got Web Beacons, Tracking Cookies or Browser Fingerprinting?

Web beacons, tracking cookies, pixel trackers and browser fingerprinting are used increasingly on college and university web sites. Unfortunately, most CIO’s and Chief Marketing Officers have very little knowledge of these web trackers presences and are naive as to their … Continue reading

Posted in Privacy | Tagged , , , , , , | 8 Comments

IT Stress Test – Lessons from Submarines

IT stress test scenarios using lessons from submarines will determine the IT department’s minimum operating levels and what is truly critical. Using some analogies from my time on submarines seemed like an interesting and relevant way to further illustrate the … Continue reading

Posted in IT Financial Management, IT Risk Management | Tagged , , , , , | Comments Off on IT Stress Test – Lessons from Submarines