Shirley Payne

AVP for Information Security, Policy & Records (Retired)
University of Virginia
Charlottesville, Virginia,
UNITED STATES

Biography

Shirley Payne was Assistant VP for Information Security, Policy, and Records at the University of Virginia until she retired from the position in 2014. In this capacity she focused on the continuous enhancement of information technology policies and security of the university's diverse and decentralized computing environment. She worked in partnership with units and individuals across the university to formulate policies, assess security risk, establish strategic direction, provide security education and training, implement security safeguards, track security incidents, develop business continuity plans, and related activities. She also oversaw the university's electronic and physical records management program. She has many years of experience in information technology, most of which has been in higher education. She holds a bachelor's degree in Computer Science from Winthrop University and a master's degree in Management Information Systems from the University of Virginia.

EDUCAUSE Publications

7 Things You Should Know About Information Security Metrics
- January 17, 2014
- Briefs, Case Studies, Papers, Reports
- Contributor
An information security metric is an ongoing collection of measurements to assess security performance, based on data collected from various sources.
Toolkit for Developing an Identity and Access Management (IAM) Program
- May 7, 2013
- Briefs, Case Studies, Papers, Reports
- Author
The IAM Program Outline has been created as a roadmap for institutions to use in developing an IAM program (or to address gaps in their current offerings) including:
E-Discovery Guideline and Toolkit
- August 14, 2009
- Policies, Guidelines, Plans and Toolkits
- Author
This E-Discovery Guideline and Toolkit was developed by one of the Higher Education Information Security Council Sub Working Groups.

See All Publications by Shirley Payne

EDUCAUSE Presentations

SEM01A-Using Information Security Metrics to Demonstrate Value and Drive Improvements (separate registration required)
- Security Professionals Conference, May 6
Data Governance: Essential for Strategy, Policy, and Operations
- Enterprise IT Leadership Conference 2012, May 17
Data Governance: Essential for Strategy, Policy, and Operations
- Security Professionals Conference 2012, May 17

See All Presentations by Shirley Payne

Memberships

EDUCAUSE

Member

EDUCAUSE Involvement

IdM Policies Working Group
- Member: 2012 - 2013
HEISC Governance, Risk, and Compliance Working Group
- Member: 2011 - 2014
HEISC Electronic Records Management
- Member: 2009 - 2011
EDUCAUSE 2009 Program Committee
- Member: 2008 - 2010
HEISC Confidential Data Handling Toolkit WG
- Chair: 2006 - 2011
HEISC Awareness and Training Working Group
- Member: 2004 - 2008
- Chair: 2006 - 2008
Cybersecurity and Privacy Program Advisory Committee
- Member: 2006 - 2008
Network Award Committee
- Ex Officio: 2003 - 2004
Mid-Atlantic Regional Conference Program Committee
- Member: 2003 - 2004
Security JB Book
- Member: 2003 - 2005
Recognition Committee
- Member: 2001 - 2004
Systems Security Taskforce Campus Policies
- Member: 2000 - 2002
PKI
- Member: 2000 - 2004
CAUSE/EFFECT Review Committee
- Chair: 1999 - 2000
- Member: 1998 - 2000
EDUCAUSE Quarterly Editorial Committees
- Chair: 1999 - 2000
- Member: 1998 - 2001
Editorial Committee
- Member: 1998 - 2001
CAUSE97 Program Committee
- Member: 1996 - 1997

Shirley Payne

AVP for Information Security, Policy & Records (Retired)

University of Virginia

Charlottesville, Virginia, UNITED STATES

Biography

EDUCAUSE Publications

7 Things You Should Know About Information Security Metrics

Toolkit for Developing an Identity and Access Management (IAM) Program

E-Discovery Guideline and Toolkit

EDUCAUSE Presentations

SEM01A-Using Information Security Metrics to Demonstrate Value and Drive Improvements (separate registration required)

Data Governance: Essential for Strategy, Policy, and Operations

Data Governance: Essential for Strategy, Policy, and Operations

Memberships

EDUCAUSE Involvement

IdM Policies Working Group

HEISC Governance, Risk, and Compliance Working Group

HEISC Electronic Records Management

EDUCAUSE 2009 Program Committee

HEISC Confidential Data Handling Toolkit WG

HEISC Awareness and Training Working Group

Cybersecurity and Privacy Program Advisory Committee

Network Award Committee

Mid-Atlantic Regional Conference Program Committee

Security JB Book

Recognition Committee

Systems Security Taskforce Campus Policies

PKI

CAUSE/EFFECT Review Committee

EDUCAUSE Quarterly Editorial Committees

Editorial Committee

CAUSE97 Program Committee

Charlottesville, Virginia,
UNITED STATES