Office for Students has been a SureCloud client for cybersecurity services since March 2017 and began deploying SureCloud’s governance, risk and compliance (GRC) solution in July 2017 to assist with their responsibilities under GDPR.
![Vector (8)](https://www.surecloud.com/hs-fs/hubfs/Vector%20(8).png?width=199&height=498&name=Vector%20(8).png)
Office for Students has been a SureCloud client for cybersecurity services since March 2017 and began deploying SureCloud’s governance, risk and compliance (GRC) solution in July 2017 to assist with their responsibilities under GDPR.
The Office for Students (OfS) is the independent regulator of higher education in England, responsible for ensuring that all undergraduate and postgraduate students, whatever their backgrounds, have a fulfilling experience of higher education which enriches their lives and careers and delivers value for money.
They are headquartered in Bristol, with a workforce of around 450 people.
Higher Education Funding Council for England (HEFCE), Office for Students’ predecessor, become a client of SureCloud back in 2017, implementing the GDPR Data Privacy Management Suite to support and enhance their GDPR programme.
As a new organisation and a successor of HEFCE, Office for Students has been looking to mature its approach to risk management. The focus of this for the team was initially to improve risk policies and procedures, to develop internal capability, enhance reporting to show transparency and allow challenge, and to identify and manage risks enterprise-wide systematically.
These improvements established a highly effective risk management approach, but the organisation soon hit the ceiling in terms of their process supporting risk systems, with technology being a limiting factor rather than an enabler.
The organisation was relying on numerous disparate spreadsheets to assess and monitor different types of risk – these were inconsistent, time-consuming and error-prone.
Office for Students needed a single, seamless, enterprise-wide solution to manage and monitor all aspects of risk management.