Baker Tilly
Contact us
Cybersecurity and IT risks - Higher education internal audit back-to-basics
Multimedia

Cybersecurity and IT risks

Higher education internal audit back-to-basics video series 

Oct 10, 2024·Authored by Morgan Mincy, Amanda Vellocido

Cybersecurity issues in higher education are prevalent.

Explore the world of information technology (IT) in higher education as Baker Tilly’s cybersecurity specialists present a detailed discussion on key risks, challenges and audit frameworks for colleges and universities.

The video highlights the following:

  • Higher education institutions encounter diverse IT risks, such as reputational, competitive, operational, financial and regulatory issues. Addressing these risks is crucial for preventing significant impacts on enrollment, partnerships, research activities and more. Watch for specific challenges and examples of each type of risk!
  • Implementing a recognized cybersecurity framework helps colleges and universities standardize processes, ensure regulatory compliance (e.g., HIPAA, GLBA) and conduct more consistent, efficient audits across decentralized IT structures. Explore commonly used frameworks in the video!
  • Performing practical IT audits enhances an institution's risk management and cybersecurity posture. Align with best practices like the Institute of Internal Auditors’ (IIA) Three Lines Model for effective governance and risk management. See real examples of cyber incident response and vulnerability management audits in the video!

Watch this 20-minute video for answers to these questions: 

  • What key IT risks do higher education institutions face?
  • Why is regulatory risk a concern in higher education IT environments?
  • What IT challenges are specific to higher education institutions?
  • How does a recognized framework improve cybersecurity audits?
  • What frameworks are commonly used for cybersecurity audits in higher education?
  • What is the IIA Three Lines Model, and how does it apply to cybersecurity?
  • What are the benefits of using a framework like NIST or ISO in higher education IT audits?
  • What is the purpose of a cyber incident response audit?
  • How can institutions strengthen their cybersecurity posture by regularly assessing IT risks, adopting a recognized framework and conducting audits?

Presenters and subject matter specialists: 

  • Morgan Mincy​, Manager, Risk Advisory​
  • Amanda Vellocido​, Manager, Risk Advisory​

Baker Tilly can help

Is your higher education institution prepared to address IT risks? Have you implemented a robust cybersecurity framework? To learn more about how Baker Tilly can help, reach out to us today!

Higher education internal audit back-to-basics

Catch up on the previous five videos in the series.
  1. Higher education procurement: internal audit back-to-basics​ video series

    Procurement risks and controls

    The first episode of our internal audit back-to-basics video series delves into defining internal control and higher education procurement risks, while highlighting key components of the procurement cycle.
  2. student account management

    Student accounts and financial aid

    The second episode of our higher education internal audit back-to-basics video series focuses on student account management, highlighting key risks associated with financial aid and audit approach.
  3. Higher education donations

    Gifts and advancement

    The third episode of our higher education internal audit back-to-basics video series discusses the gift management lifecycle, highlighting key risks and best practices.
  4. Data analytics in higher education: questions, challenges and the analysis process  

    Data analytics: questions, challenges and the analysis process

    The fourth episode of our internal audit back-to-basics video series examines the data analytics process in higher education.
  5. Navigating HR challenges in higher education and payroll compliance ​in higher education

    Navigating human resources and payroll compliance

    The fifth episode of our internal audit back-to-basics video series reviews key HR in higher education functions, highlighting risks and compliance challenges.
Questions? Contact usarrowCreated with Sketch.
Students walking on a college campus

Internal audit resources for higher education

Navigate your higher education institution’s risk roadblocks with Baker Tilly’s internal audit trailblazers. Bookmark this resource center for the latest industry insights!

Visit the resource centerarrowCreated with Sketch.

Cybersecurity insights

Discover more cybersecurity and IT insights to protect and enhance your higher education institution.
  1. ai cybersecurity and data governance risks

    AI: How to manage cybersecurity and data governance risks

    In this webinar, Baker Tilly and HITRUST specialists discuss the benefits and risks of using AI platforms, various frameworks and how to protect your organization.
  2. cybersecurity program program management and governance

    Elevate your cybersecurity program: Integrating program management and governance

    Building strong cybersecurity safeguards requires governance, design, validation and monitoring to improve resilience and effectiveness.
  3. ransomware prevention

    Ransomware prevention guide

    Our ransomware prevention guide explores eight leading cybersecurity practices to minimize an organization’s chance of a ransomware attack.
  4. NIST releases new version cybersecurity framework (csf)

    NIST publishes major revision to Cybersecurity Framework (CSF): What organizations need to know

    NIST released a new version, NIST CSF 2.0, to address the evolving cybersecurity landscape and cybersecurity risks faced by organizations.
Questions? Contact usarrowCreated with Sketch.

Related sections

Students walking to class on a college campus
Next up

Higher education internal audit: Going back-to-basics for effective risk management and compliance

Go to multimediaarrowCreated with Sketch.