Joanna Grama

Biography

Joanna Lyn Grama, JD, CISSP, CIPT, CRISC, directs the EDUCAUSE Cybersecurity Initiative and the IT GRC (governance, risk, and compliance) program. Joanna has expertise in law, IT security policy, compliance, and governance activities, as well as data privacy.

She is a member of the U.S. Department of Homeland Security's Data Privacy and Integrity Advisory Committee (appointed to Committee by Secretary Janet Napolitano) and serves as the chairperson of its technology subcommittee. Joanna is also a member of the Information Systems Audit and Control Association (ISACA); the International Association for Privacy Professionals (IAPP); the American Bar Association, Section of Science and Technology Law, Information Security Committee; and the Indiana State Bar Association. Joanna graduated from the University of Illinois College of Law with honors. She is a frequent speaker on a variety of IT security topics, including identity theft, personal information security, and university information security compliance issues. She is also the author of the textbook, LEGAL ISSUES IN INFORMATION SECURITY (2 ed, 2014).

Connect on LinkedIn: http://www.linkedin.com/in/joannagrama

Follow on Twitter: @runforserenity

EDUCAUSE Publications

  • Metrics Mania! Review
    • Blog

    This blog post summarizes key points from the August 2017 Metrics Mania! event and provides sample information security metrics for institutions to consider.

  • Trend Watch 2017: Which IT Trends Is Higher Education Responding To?
    • Briefs, Case Studies, Papers, Reports

    EDUCAUSE is in its third year of identifying the influence of major trends on the IT strategy of colleges and universities. This year’s list included 36 trends in the management and delivery of IT services, personal devices and personalized environments, data and analytics, teaching and learning, security and risk, and the Internet of Things

EDUCAUSE Presentations

Memberships

EDUCAUSE Member

EDUCAUSE Involvement

  • Budget-Conscious Roadmap for Information Security Programs
    • Staff Liaison: 2017 - Present
  • Security Professionals Conference 2018 Program Committee
    • Staff Liaison: 2017 - Present
  • HEISC Security Assessments Working Group
    • Staff Liason: 2017 - Present
  • Security Professionals Conference 2017 Program Committee
    • Staff Liason: 2016 - 2017
  • HEISC Mentor and PD Team
    • Staff Liason: 2015 - Present
  • ECAR/HEISC Information Security Leadership Working Group
    • Member: 2015 - 2016
  • Security Professionals Conference 2016 Program Committee
    • Staff Liason: 2015 - 2016
  • Security Professionals Conference 2015 Program Committee
    • Staff Liason: 2014 - 2015
  • IT Governance, Risk, and Compliance (GRC)
    • Staff Liason: 2014 - Present
  • HEISC Executive Committee
    • Staff Liason: 2013 - 2014
  • HEISC Advisory Committee
    • Member: 2012
    • Staff Liason: 2013 - Present
  • Security Professionals Conference 2014 Program Committee
    • Staff Liason: 2013 - 2014
  • HEISC Technologies, Operations, and Practices WG
    • Staff Liason: 2013 - Present
  • HEISC Information Security Guide Editorial Board
    • Staff Liason: 2013 - Present
  • HEISC Awareness and Training Working Group
    • Staff Liason: 2013 - Present
  • HEISC Governance, Risk, and Compliance Working Group
    • Chair: 2012
    • Member: 2009 - 2012
    • Staff Liason: 2013 - Present
  • Higher Education Chief Privacy Officers
    • Staff Liason: 2013 - Present
  • IT Issues Panel
    • Staff Liason: 2012 - 2016
  • EDUCAUSE Review Online Reviewers
    • Member: 2012 - 2014
    • Senior Reviewer: 2009 - 2011
  • HEISC Policies and Legal Issues Working Group
    • Member: 2008 - 2009