Governance, Risk and Compliance (GRC) evaluates and communicates risk, and advises on “where the line is” as it pertains to compliance, standards, policy, and other requirements set by the university.
We provide university administration, faculty, and staff with an understanding of their posture to enable more informed decisions. Ultimately, final decisions as to risk and risk accepatance are up to authorized university leadership.
If you are unsure who can officially accept certain risks, what the applicable processes look like, who the data stewards for certain data types are, or who the risk holder might be for an existing gap, GRC can help.
Services Available
- Risk assessment / compliance review & reporting
- Risk and compliance consulting
- Third Party Risk Management
- Risk acceptance/acknowledgement process facilitation
- Risk assignment process
If you are working with university data, one way to begin is to review the way that data is classified and to take a data classification survey.
Reach Our Team
Email securitysupport@illinois.edu and include the service you are inquiring about in the subject line.
Team Members
- Sandra Thompson, Assistant Director
- Larry Dunham, Digital Risk Officer
- Mark Baldwin, Senior Cybersecurity Engineer
- Josh Erenberg, Cybersecurity Risk Analyst
- Jesse Marsh, Cybersecurity Risk Analyst
- Zane Budnovich, Cybersecurity Risk Analyst
- Dan Ogwal, Cybersecurity Risk Analyst