Ownership & Roles
EDUCAUSE published a Cybersecurity Governance Toolkit in 2024 - https://er.educause.edu/articles/2024/1/cybersecurity-governance-toolkit
Content pulled from Cal Frye of Case Western Reserve University from the June 2nd, 2021 final workshop.
Ownership and Roles
Assemble and Organize Your Team
Expect the makeup of your program team to change as it matures.
The implementation phase may require different offices and members than operation.
An independent program manager may be quite useful. This could be a consultant.
Once in operation, bringing larger labs into compliance may also be best treated as formal projects with designated managers to steer toward success.
Attend to communications with offices outside the team. Report often.
Do your offices work together well enough to be successful?
Is there a champion among senior leadership to instill a sense of purpose?
Does your intended process owner have authority to make decisions?
Have you defined roles and responsibilities clearly enough?
Do your offices each take ownership of their portion of the task?
The ultimate success is when your researchers can easily obtain the grants, do the work, run their labs, and publish their results. They are responsible for compliance success. How do you best help them achieve the goal?