Information Technology Governance, Risk and Compliance

ITGRC’s primary focus is management of IT- and security-related programs and processes at Boise State University.

Our Mission

As a department within the Office of Information Technology, ITGRC’s mission is to leverage industry standard GRC processes to:

  • Establish and maintain a regulatory framework to satisfy IT governance requirements.
  • Identify, evaluate and manage IT risks across the Boise State enterprise.
  • Monitor and report on Boise State IT compliance as it relates to state and federal laws.

Definitions

  • IT Compliance is defined as programs or processes that ensure Boise State’s IT resources and systems are operated in ways that meet the laws and regulations impacting those systems and comply with institutional policy.
  • IT Governance is defined as programs or processes that ensure that the campus IT strategy and OIT is aligned with the Boise State strategic plan.
  • IT Risk Management is defined as programs or processes that help Boise State identify the risks that it faces with regard to its present or planned IT resources and systems and affirmatively address those risks in a way that satisfies its overall goals.