Kick off your book project in 2 hours, get started with GhostAI in 2 hours, or do both! Free live workshops, on Zoom. You’ll leave with a real book project and a clear plan to keep going. Saturday, June 27, 2026.

Leanpub Header

Skip to main content
Go to Leanpub.com

EMBARGO!

Journalists and bloggers: please do not publish anything about this until the embargo is lifted!

Please contact the author for more information about when this is.

CampusCISO IT Policy Framework

2026 Edition

This book is 95% completeLast updated on 2026-06-10
Chris Schreiber

What IT policies should a higher education institution actually have? The CampusCISO IT Policy Framework answers that question with an inventory of 17 policies, 24 standards, and seven sector-wide gaps, grounded in annual research that now spans 400+ institutions, including every R1 research university in the United States.

Minimum price

$9.99

$19.99

You pay

Author earns

$

Also available for 1 book credit with a Reader Membership

PDF
EPUB
WEB
207
Pages
About

About

About the Book

The CampusCISO® IT Policy Framework is a reference for IT policy in higher education, grounded in annual research.

What it is: An inventory of 17 policies and 24 standards, with prevalence data showing what large research institutions actually publish and support. Each item is classified as Universal, Common, or Emerging based on observed adoption patterns at research universities, so you can see at a glance which items are sector-wide expectations and which are still emerging.

The evidence base: The framework is built from the 2026 CampusCISO IT Policy Study, a systematic review of policy libraries at 410 colleges and universities including a complete census of all 187 R1 research universities in the United States. The framework is updated annually as new research data becomes available.

What's inside the 2026 Edition:

  • The complete inventory of 17 policies and 24 standards organized by prevalence (Universal, Common, Emerging)
  • Insights into seven sector-wide gaps where higher education consistently falls behind regulatory or threat-driven expectations
  • How to determine your 0 to 100 Diagnostic Score combining quantitative coverage and qualitative governance assessment, with four relative maturity levels (Mature, Developing, Foundational, Minimal)
  • An overview of the framework's design philosophy and the annual research that validates and updates it
  • Edition history documenting how the framework has evolved
  • A Self-Assessment method institutions can use to baseline their own policy programs

How to use it: The framework is designed to be used as a reference for self-directed work. Institutions can complete the appended Self-Assessment themselves to identify and prioritize gaps. Paid editions include the Self-Assessment as a formatted, printable PDF. Other resources in the CampusCISO IT Policy family, including the companion guide and paid advisory engagements, are available at campusciso.com/it-policy-guide.

Who it's for: CIOs, CISOs, IT leadership, and governance committees at higher education institutions of any size. Consultants and advisors who serve the sector will find the framework useful as a vendor-neutral reference grounded in peer data.

Updated annually. The 2026 Edition reflects the 2026 CampusCISO IT Policy Study. Subsequent editions will incorporate new data and reclassify items as sector practices evolve.

Share this book

Categories

Computer SecurityBusiness and IT AlignmentReference

Feedback

Contact the author

Installments completed

2 / 3

License

Creative Commons Attribution-NoDerivatives 4.0 International License

Author

About the Author

Chris Schreiber

Christian "Chris" Schreiber

Chris Schreiber is a cybersecurity strategist with nearly 30 years of experience helping colleges and universities build defensible information security programs. He is the founder of CampusCISO, a higher education advisory practice he has run as a solopreneur since 2021. Chris also created the Cyber Heat Map capability assessment model, which began as a simple spreadsheet before growing into an online assessment and planning tool.

He learned to navigate the friction of decentralized IT governance by living it. Before launching his own practice, Chris served as the Chief Information Security Officer (CISO) at the University of Chicago, the University of Arizona, and the University of Wisconsin-Whitewater. He also translated institutional needs into product realities inside vendor organizations, including FireEye/Mandiant (now parts of Trellix and Google Cloud) and SunGard Higher Education (now Ellucian). Today he continues to guide the sector through advisory engagements with higher education technology leaders.

In his writing, Chris translates complex technical concepts into plain-spoken strategies. He writes about cybersecurity governance, IT policy, and pragmatic approaches to cyber resilience that help teams prioritize the improvements that matter most. A regular speaker at higher education conferences, Chris holds a Master's Certificate in Project Management from the University of Wisconsin-Madison and a B.S. in Business Administration from Central Michigan University.

Contents

Table of Contents

Preface

CampusCISO IT Policy Framework

  1. Introduction
  2. How to Use This Framework Document
  3. Framework Structure
  4. Policy Inventory (17 Identified)
  5. Standards Inventory (24 Identified)
  6. Framework Alignment
  7. The Self-Assessment and Diagnostic Score

The Policy Inventory

  1. Universal Policies (7)
  2. Common Policies (5)
  3. Emerging Policies (5)

The Standards Inventory

  1. Universal Standards (11)
  2. Common Standards (9)
  3. Emerging Standards (4)

The 2026 Study: Methodology and Findings

  1. Purpose
  2. Framework Design
  3. Institutional Tiers
  4. Sample and Visibility
  5. Prevalence Classification
  6. Scoring Methodology
  7. Aggregate Findings
  8. Limitations

CampusCISO IT Policy Self-Assessment

  1. Purpose
  2. Scoring Key
  3. Section A: Policy Inventory
  4. Section B: Standards Inventory
  5. Section C: Sector-Wide Gap Coverage
  6. Section D: Governance Maturity
  7. Section E: Your Diagnostic Score
  8. Section F: Gap Priority Analysis
  9. Section G: Improvement Planning
  10. Next Steps

CampusCISO IT Policy Framework Edition History

  1. 2026 Edition
  2. Version 4.3 (December 2025)
  3. Edition History Summary
  4. Where to go from here
  5. Document Information

About CampusCISO

Get the free Community Edition

You can get the free Community Edition in PDF or EPUB just by sharing your name and email address with the author, or you can just click this link to read a shorter sample online...

 

Also by the Author

Also by the Author

The Leanpub 60 Day 100% Happiness Guarantee

Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

See full terms...

Earn $8 on a $10 Purchase, and $16 on a $20 Purchase

We pay 80% royalties on purchases of $7.99 or more, and 80% royalties minus a 50 cent flat fee on purchases between $0.99 and $7.98. You earn $8 on a $10 sale, and $16 on a $20 sale. So, if we sell 5000 non-refunded copies of your book for $20, you'll earn $80,000.

(Yes, some authors have already earned much more than that on Leanpub.)

In fact, authors have earned over $15 million writing, publishing and selling on Leanpub.

Learn more about writing on Leanpub

Free Updates. DRM Free.

If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).

Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.

Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.

Learn more about Leanpub's ebook formats and where to read them

Write and Publish on Leanpub

You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!

Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.

Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.

Learn more about writing on Leanpub