Security-minded IT leaders at research institutions already oversee a high volume of research compliance projects related to data security. Leaders can expect more requests as grant awards increasingly contain more
explicit security and compliance language regarding storage, access, and reporting. But as the number of requests expand, resources are not.
CISOs are caught between a desire to elevate researcher awareness of information security risks
and the IT security team’s capacity to provide services to rectify these risks. To overcome barriers to securing research data, IT leaders need to proceduralize research compliance—and increase awareness among researchers of self-service security tools.
Read this executive brief to discover ways that progressive higher education organizations are proceduralizing research compliance among their faculty.
Surfacing Research Data at Risk
Online Risk Diagnostic
Interactive Questions Pinpoint Applicable Data Restrictions
PIs can self-identify the level of risk related to their research data by accessing an
online tool that takes them through nine questions pinpointing the data restrictions
that apply to projects. If necessary, the Diagnostic will prompt the PI to contact the
information security team for consultation. Download the practice.
>Streamlining Access to Existing Solutions
Research Security Solutions Toolbox
Enabling Researchers to More Easily Find Security Solutions
To reduce security staff and PI effort to complete grant proposals, institutions are
linking results of security needs diagnostics to a catalog of common, pre-approved
security solutions related to different risks. These catalogs may even include language
PIs can use in their grant proposals to articulate the steps they will take to protect
their data. Extending these catalogs to includes costs associated with data security
protocols provides PIs with an estimate of initial and ongoing costs. Download the practice.
Uncovering New Areas for Protection
IRB Security Advisor
Managing Previously “Invisible” Risks
A handful of universities are appointing a representative from information security to
institutional review boards to spot check pre-award data management plans and
identify emerging research methodologies and projects that require may additional
security needs. Download the practice.
Next, Check Out
Reducing Cycle Time Between Need and Solution