OVERLAND PARK, KS–(Marketwired – May 01, 2015) – College campuses are often compared to small cities, due to the number of constituents involved and the variety of services provided. Included in this is a vast number of regulations, rules and best practices that guide university policies, ranging from campus safety to food safety to IT security. Translation: compliance headache.
According to a 2014 EDUCAUSE study on compliance in higher education, a majority of institutional respondents believe that higher education regulations are too complex. This is where policy management comes in. If the regulations themselves are extensive, one can assume that university policies will be complex, maybe even confusing. Beyond that, ensuring that faculty and staff have read, understand and are adhering to the published policies is another ball game.
These issues are multiplied when taking into account the myriad of federal and state laws (to name a few — FERPA, Clery Act, Title IX, PCI DSS, GLBA, state sunshine laws) that institutions must take into account. Then, there are other compliance challenges like NCAA rules, accreditation requirements, and student privacy laws.
Despite the difficulty of managing the regulations, policies and the headache that comes with them, many universities continue to manage this process manually through spreadsheets and Word documents. This presents further challenges:
- Potential for outdated policies to be confused for current ones. Take for instance, an outdated sexual harassment policy turning up in the midst of an OCR Title IX investigation. Someone’s in trouble.
- Lost time (and money) trying to track down the right policy or spreadsheet. Multiple versions of documents floating around as staff members make edits mean that work may be redundant or even lost. Further complicating the tracking of policies is the fact that different departments take care of different compliance initiatives.
- Laborious process of mapping policies to regulations. We’ve already seen the complexity of the higher education regulatory environment — who will volunteer to link up each requirement from the regulation to the policy? Not it.
- Ensuring faculty and staff are aware of and understand policies. They are ones who will actually act on the policies. Do you trust them to read, comprehend and follow through?
Taken together, these issues lead to an overall higher risk of non-compliance with key regulations. A centralized compliance effort may seem impossible due to the numerous stakeholders involved and the complexity of the regulations. Nonetheless, EDUCAUSE reports that 55 percent of institutions have a formal IT governance body, which is the first step to effective oversight of compliance initiatives. Many find that governance, risk and compliance (GRC) technologies, such as LockPath’s Keylight Platform, can help automate compliance efforts and ease the mind. This may be the bright light at the end of the dark compliance tunnel.
About LockPath
LockPath is a market leader in corporate governance, risk management, regulatory compliance (GRC) and information security (InfoSec) software. The company’s flexible, scalable and fully integrated suite of applications is used by organizations to automate business processes, reduce enterprise risk and demonstrate regulatory compliance to achieve audit-ready status. LockPath serves a client base of global organizations ranging from small and midsize companies to Fortune 10 enterprises in more than 15 industries. The company is headquartered in Overland Park, Kansas.
Image Available: http://www.marketwire.com/library/MwGo/2015/4/27/11G039712/Images/higher-education-433582297143.jpg
Support InfoStride News' Credible Journalism: Only credible journalism can guarantee a fair, accountable and transparent society, including democracy and government. It involves a lot of efforts and money. We need your support. Click here to Donate