ABSTRACT
As educational institutions increase their reliance on data to make programmatic, curricular, and student decisions, the need for security protocols to protect those data become increasingly necessary. This chapter addresses how contingency planning, a part of a broader framework known as risk management, can be used to plan for security events such as data breaches. A brief overview of the risk management framework is examined and then delves into the contingency planning process. Contingency planning is broken down into four phases: identification, assessment, disclosure, and remediation. Each phase is examined to provide decision makers in educational settings with a broad overview of how to construct a contingency plan to protect data.
