North Carolina A&T State University

Information Security Initiative


North Carolina A&T State University (has an enrollment of over 11,500 students in two professional colleges and seven schools.

N.C. A&T needed to develop a full scope information security program as part of an ITS revitalization initiative and in preparation for an upcoming state audit engagement.

Vantage worked closely with N.C. A&T to develop an information security program guided by higher education best practices and the requirements of the ISO 27002 information security framework, including scope to:

  • Create an information security program charter
  • Develop an information security governance structure
  • Update and create policies, operational standards, and baseline procedures
  • Complete information security maturity assessments for all applicable campus units
  • Complete a campus IT risk assessment.
  • Provide guidance in implementing a vulnerability scanning program
  • Determine roadmap of prioritized improvements for information security plans
  • Update and facilitate table-top exercise of enterprise-wide contingency plans for business continuity and disaster recovery


  • Defined a cohesive, unified approach to Information Security to meet ISO 27002 framework and other regulatory compliance programs
  • Engaged governance groups that supported annual plans and cycles of assessment to foster best practices and improve information security posture of the university
  • Coordinated a risk-based, transparent, program of Information Security services to support faculty, staff and students


  • Information Security Assessment
  • IT Governance Formation
  • Information Security Program Development


  • Higher Education Information Security strategy and best practices
  • ISO 27002 framework
  • Research and regulatory compliance
  • Information Security certifications
  • Information Security audit preparation
  • Client: North Carolina A&T State University
  • Location: Greensboro, NC
  • Project Type: Education
  • Services: Information Security Initiative