AUCTC 2026

Governance Starts with Access: A Leadership-Driven IT Audit Story

Speaker: Heather LeBlanc and Annalee Brewer

In today’s rapidly evolving digital environment, the responsibility of protecting institutional data rests heavily on the shoulders of leadership. Managers and supervisors are not only gatekeepers of sensitive information within their departments, but also play a decisive role in ensuring that access to systems and data is granted only to those with legitimate business needs. This session will spotlight the University of New Brunswick’s (UNB) annual user access audit within its ERP system, underscoring the essential role that department leadership plays in maintaining compliance with financial audit requirements and upholding the security and integrity of institutional data. It will address the common challenge that managers and supervisors frequently approve ERP access without fully understanding the scope or implications of what they are authorizing, and will offer guidance to help leadership make informed decisions about access privileges.

IT access audits are far from thrilling—they rarely spark enthusiasm or inspire immediate action from leadership; yet UNB has created some excitement around their IT Access Audit. In this session, we will explore the targeted communication strategies used by Information Technology Services (ITS) to engage leadership to ensure they understand their responsibilities. Attendees will be shown the access dashboard within PowerBI that VP’s and Directors use throughout the audit period to provide a quick glance on how their unit is progressing.  The session will also highlight best practices for tracking, reporting, and resolving access issues, empowering leadership to make well-informed decisions and strengthen the institution’s data security posture. By focusing on the importance of leadership involvement, this session aims to equip participants with the knowledge and strategies needed to implement or enhance access management processes within their own organizations.

Learning Objectives:

• Strategies for engaging leadership and driving accountability in access management.
• An actionable understanding of the annual user access audit process, tailored to higher education ERP systems.
• Awareness of pitfalls and lessons learned from UNB’s multi-year audit experience.

Speaker Bio:

Heather LeBlanc is the Director of Business Transformation at UNB, where she’s been shaking things up for nearly a decade. With a knack for turning ideas into action, Heather draws on her rich consulting experience—having partnered with over 30 higher education institutions across Canada and the USA. When she’s not reimagining business processes, you will find her exploring the mountain bike trails in New Brunswick.

Annalee Brewer, widely known on campus as the ""Queen of Access,"" has dedicated 22 years to her role at the University of New Brunswick (UNB). With her extensive expertise and unwavering commitment, Annalee has become a cornerstone of IT Access knowledge and support for students, faculty, and staff.