Michigan State University

Security Program Review and Analysis


Located on the banks of the Red Cedar River in East Lansing, Michigan, Michigan State University (MSU) is one of the top research universities in the world. MSU pushes the boundaries of discovery and develops partnerships to solve the most pressing global challenges while providing academic opportunities to their diverse and inclusive academic community.

MSU is increasingly dependent on its information technology systems to deliver fast, reliable, and secure technology services to students, faculty, researchers, and staff around the world. IT and information security department leadership had recently changed and there was an immediate need to evaluate the current direction and scope of the information security program. Vantage was brought in to conduct an external program review and analysis to assess the effectiveness of the information security program according to higher education standards and develop high-level program recommendations.

Vantage interviewed MSU IT leaders, information security team members, and other campus technology stakeholders to identify the unique risks and challenges that should be identified in the college’s information security strategy. We also facilitated a workshop with the information security team to discuss and document current information security strategy, services and operations, program management, policy, compliance, awareness activities. Finally, we worked with the team to develop a forward-facing roadmap to help MSU evolve its institutional information security program to better meet its growing technology and data security needs.

Our deliverables included all workshop facilitation materials, information security program documentation, peer review assessment data, and a phased roadmap outlining future information security program activities designed to reduce institutional risk. Key features of this project included coaching and facilitating information security strategy discussions in an organization that was experiencing great change, and providing MSU with a concise assessment report that could form the basis for both executive leadership and staff briefings.


  • Helped institutional leadership understand their current information security program posture
  • Developed a prioritized roadmap to evolve the institutional information security program, focusing on strategic and proactive approaches
  • Concise assessment report suitable for executive- and staff-level briefings


  • Information Security Program Strategy Assessment
  • Information Security Controls Assessment


  • Higher education information security strategy and best practices
  • Information security certifications
  • College leadership, strategic planning, and governance
  • Client: Michigan State University
  • Location: East Lansing, MI
  • Market: Education
  • Project: Security Program Review and Analysis