Damon Armour


20+ years in Information Technology roles. 14+ years in a leadership role in Information Security. Of those 20+ years, over 15 have been at state funded academic institutions. In addition, I earned my MBA in May 2008, which greatly aided me in fulfilling my goal of integrating information security into all facets of an entityʼs operations. To formalize my information security experience, I obtained a CISSP certification in May 2011, a CISM certification in September 2012 and recently a GIAC Strategic Planning, Policy, and Leadership (GSTRT) in 2019. Focus areas: Data Governance/Management IT/Cybersecurity Strategic Planning IT Risk Management Policy, Compliance Cybersecurity Awareness, Education & Training IT Governance, Risk & Compliance solutions NIST 800-171, CSF, RMF Privacy Frameworks

EDUCAUSE Publications

  • NIST SP 800-171 Overview
    • Policies, Guidelines, Plans and Procedures

    This overview provides a review of the timeline that introduced NIST SP 800-171 "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations" as a compliance framework, an overview of the control families for the 110 controls and a discussion of the impacts and concerns for higher education.

  • NIST SP 800-171 Toolkit
    • Policies, Guidelines, Plans and Toolkits

    In this toolkit, you will find an overview of NIST SP 800-171 and its implications for higher education, questions to ask during project planning, 7 Things You Should Know About CMMC to use when speaking with stakeholders and leadership, and a customizable control evaluation.

EDUCAUSE Presentations