Compliance Tools

Compliance Exchange

The Compliance Exchange is a group of functional level compliance officers, subject matter experts (SMEs), and policy owners set up to coordinate and communicate through the exchange of information.

The Compliance Exchange allows sharing of:

  • common compliance issues and ideas;
  • news and current events;
  • resources and tools;
  • activities and initiatives; and
  • professional development and training opportunities.

Anyone with compliance responsibility at any Indiana University campus may participate in the Compliance Exchange.  

If you are a compliance professional at IU and would like to be a part of the Compliance Exchange, please contact us at


Compliance Obligations

Obligations and requirements to which the university must comply:

External obligations:

  • Ongoing rules and regulations, accreditations, laws, and contractual obligations

Internal Policies:


Training and Agreement Tracking (E Training)

One of the keys for achieving compliance in any area is the provision of initial and recurring employee awareness and training about the compliance requirements. E Training is an enterprise tool that houses employee compliance training content and agreements that employees are required to assent to, and to track employee completion of training. 

Compliance staff throughout the university use the tool to write new or import already developed content. The system tracks completion of the training and provides the compliance staff with data to manage full compliance with the training requirements. The system may be set to require the training at certain recurring intervals, such as annually. 

For additional information, please email us at or click here:


Governance, Risk, and Compliance (E GRC)

A Governance, Risk, and Compliance (GRC) tool is an enterprise system used for the integration and alignment of those three areas necessary to avoid conflicts, wasteful overlaps and gaps. Through coordination, communication, and workflow processes, IU’s Enterprise Governance, Risk and Compliance (E GRC) tool assists with:

  • collecting information about regulatory, legal, and institutional policies and standards safeguard obligations;
  •  orchestrating compliance activity, assessing risk and compliance adherence, and identifying control weaknesses; and
  •  providing feedback to units and administration, typically through a "dashboard," such that they can prioritize risk and align resources in a more effective manner.

As a means to achieving the aforementioned benefits, the E GRC is built upon a solid foundation that includes: compliance management, risk management, process governance, incident management, privacy, and vulnerability management. Powerful enterprise statistics and analyses can be completed and provided to university executive administration and other appropriate areas such as compliance officers, legal counsel, and internal audit. This will enhance university-wide compliance planning and enable offices to more effectively identify where to focus awareness, education, and resources.

For more information about the EGRC, contact us at




Unified Compliance Framework (UCF)

The Unified Compliance Framework (UCF) is a complex database with multiple elements. These elements reflect over 400 authority documents and are beneficial as stand-alone references, or as intertwining templates that address requirements through the linking of sources to harmonized controls. For example, the information is beneficial as a framework in