top of page
.png){kind=logo}
Radford University Case Study:
The Advantage of Insight in Action
Project Information
THE CHALLENGE
In recent years, digital threats targeting the education sector have increased dramatically, due to the massive amounts of personally identifiable information (PII), sensitive data, and proprietary research these institutions store. Regular IT security audits are crucial for higher educational institutions to ensure that critical data, networks, and systems are protected against cyber threats, and that these technologies can be relied on to meet the needs of faculty, staff, and students. However, effective IT auditing requires significant technical expertise. Recruiting and retaining highly skilled IT auditors can be a tall (and expensive) order for internal audit teams. Often, outsourcing or co-sourcing technology audits to third-party experts can be a cost-effective solution.
THE CLIENT
Located in Radford, Virginia, Radford University is an accredited public university that serves the Commonwealth of Virginia through a wide range of academic, cultural, human service, and research programs. Founded in 1910, Radford offers curricula for undergraduates, postgraduates, and doctoral students, and it is one of the state’s eight doctorate-granting public universities. Radford is well known for its commitment to its students, innovative use of technology, and pursuit of continuous review, evaluation, and improvement across all departments and functions.
“It was a pleasure working with Paul Ashe and his team. Paul’s team was very professional and knowledgeable about our industry and associated risk. Securance provided us with an unbiased and objective view of our IT environment. They not only made recommendations to help mitigate risks, but also commended our Information Technology Services team on achieving many best practices.”
- Dawn Taylor, Audit Manager, Radford University
THE SECURANCE SOLUTION
Working with a third-party consulting firm allows institutions to receive an unbiased, objective view of their IT environment from highly trained experts. Radford’s internal audit department contracted with Securance to conduct a series of IT audits for the university. Between April 2022 and March 2023, Securance worked with Radford to:
-
Assess internal IT controls supporting access management and user provisioning.
-
Review the disaster recovery and incident response plans to determine Radford’s readiness to respond to a business disruption or cyber event.
-
Identify risks associated with domain name services (DNS), the dynamic host configuration protocol (DHCP), and the firewall configuration and develop mitigation strategies.
-
Assess the security posture of Radford’s network layer, wireless communications, Identity Services Engine (ISE), and telephony.
The Securance team tailored each audit to fit Radford’s IT environment and align with its information security and risk management objectives. By applying their extensive experience working with higher education institutions, our consultants were able to make thoughtful recommendations to mitigate risks.
QUANTIFIABLE VALUE
Partnering with Securance assisted Radford’s internal audit staff with evaluating the risks affecting its technology environment, identifying areas in which its IT and security teams were excelling, and assessing how its IT risk profile aligned with its overall risk appetite. Our reports and recommendations helped Radford stakeholders and staff improve IT processes, make educated risk management decisions, and meet best practice standards. We also provided a knowledge transfer session at the end of each engagement to ensure lasting, sustainable improvements to Radford’s networks, systems, and IT processes and controls. Whether your organization is limited by internal IT audit expertise, a tight budget, or both, Securance can help you meet your IT risk management goals. Contact us for a free consultation today.
bottom of page