Security-minded IT leaders at research institutions already oversee a high volume of research compliance projects related to data security. Leaders can expect more requests as grant awards increasingly contain moreexplicit security and compliance language regarding storage, access, and reporting. But as the number of requests expand, resources are not.
CISOs are caught between a desire to elevate researcher awareness of information security risksand the IT security team’s capacity to provide services to rectify these risks. To overcome barriers to securing research data, IT leaders need to proceduralize research compliance—and increase awareness among researchers of self-service security tools.
Read this executive brief to discover ways that progressive higher education organizations are proceduralizing research compliance among their faculty.
Surfacing Research Data at Risk
Online Risk DiagnosticInteractive Questions Pinpoint Applicable Data Restrictions
PIs can self-identify the level of risk related to their research data by accessing anonline tool that takes them through nine questions pinpointing the data restrictionsthat apply to projects. If necessary, the Diagnostic will prompt the PI to contact theinformation security team for consultation. Download the practice.
Streamlining Access to Existing Solutions
Research Security Solutions ToolboxEnabling Researchers to More Easily Find Security Solutions
To reduce security staff and PI effort to complete grant proposals, institutions arelinking results of security needs diagnostics to a catalog of common, pre-approvedsecurity solutions related to different risks. These catalogs may even include languagePIs can use in their grant proposals to articulate the steps they will take to protecttheir data. Extending these catalogs to includes costs associated with data securityprotocols provides PIs with an estimate of initial and ongoing costs. Download the practice.
Uncovering New Areas for Protection
IRB Security AdvisorManaging Previously “Invisible” Risks
A handful of universities are appointing a representative from information security toinstitutional review boards to spot check pre-award data management plans andidentify emerging research methodologies and projects that require may additionalsecurity needs. Download the practice.
Accompanying Tools
- Skip Logic Template: This template has pre-formatted language you can add to your online tool or survey to help researchers identify risk
- Research Compliance Services Catalog: This pre-formatted report will allow researchers to classify data and identify security protocols based on that classification
This resource requires EAB partnership access to view.
Access the research report
Learn how you can get access to this resource as well as hands-on support from our experts through IT Strategy Advisory Services.
Learn More