Education IPL Playbook — Information Governance

The data flowing through your shop is institutional data. The chain of custody is either auditable or it isn't.

Variable data governance, audit trail discipline, vendor consolidation case, fleet security as context. The information governance work the in-plant leader owns, influences, and translates.

Some of the institution's most sensitive print work comes through the in-plant.

Admissions files. Donor mailing data. Transcript runs. Accommodation packets. Benefits enrollment materials. Recruiting pieces. Financial aid updates. Board materials. Student records.

When that work flows through your shop, the institution needs more than a completed job. It needs a record of what came in, who touched it, how it was produced, where it went, and what happened to the source files afterward. That chain of custody is in your hands when the work is in your shop — and it breaks at the vendor boundary when it goes outside, often to a commercial printer whose MSA says very little about how the data will be held, by whom, or for how long.

The IPL does not own the full campus or district print fleet. IT owns device security configuration. Finance owns cost centers and vendor policy. Compliance owns regulatory interpretation. General Counsel owns contract risk. Senior leadership owns governance posture.

The IPL owns the work that flows through the shop. That includes intake discipline, source-file handling, production documentation, delivery confirmation, retention and destruction practices, and the shop's ability to answer a chain of custody question without reconstructing the story from memory.

This playbook helps you build that answer — and helps you translate it for the five coalition members who measure the institution's information governance posture from very different chairs.

Start a Discovery Conversation Download the Outcomes Scorecard

Playbook at a glance

The whole playbook in one view

Coalition partners, maturity arc, build modules, and reporting cadence. The detail follows below; this is the map.

Information Governance playbook diagram. Coalition: IT, CFO, Compliance Officer, General Counsel, Senior Leadership. Maturity arc: Cost Center, Consulted, Trusted Producer, Campus Expert. Six build tracks split between two zones — Own (Variable-Data Governance, Audit-Trail Discipline, Vendor Consolidation) and Influence (Fleet Security Context, Shadow-Print Exposure, Strategic Governance Report). Cadence: Quarterly coalition conversations, Annual Governance Report to the Audit Committee, Annual re-baseline.

What it helps you prove

What this playbook helps you prove

Information Governance is about knowing what sensitive information touches print, where it moves, and whether the handling is documented.

For the in-plant, the clearest ownership areas are shop-level documentation, variable data handling, chain of custody records, and the case for keeping sensitive print work inside the institution instead of sending source data to outside vendors.

The IPL can also influence broader institutional governance. That may mean helping IT understand which workflows involve sensitive information, helping Finance identify outsourced print exposure, helping Compliance see where documentation gaps exist, and helping leadership understand why print belongs in the information governance conversation.

This playbook helps answer five practical questions:

  • Which print jobs carry sensitive or regulated information?
  • Can the shop document the chain of custody for those jobs?
  • Which variable data files stay inside the institution and which leave for outside vendors?
  • Where does shadow print create avoidable exposure?
  • What should leadership know about print as part of the institution's governance posture?

The goal is calm, practical documentation. No alarm. No overclaiming. Just a clearer picture of what the shop owns and what the institution should govern.

Start inside the shop

Start with what the IPL owns

Begin inside the shop.

The strongest Information Governance work starts with the jobs your team already touches. If a source file includes student, family, donor, employee, applicant, health, financial, or other sensitive information, the shop should know how that file entered the workflow and what happened to it after production.

For each sensitive job, the shop should be able to answer a simple chain of custody checklist: Who requested it? What source file came in? Where did the file come from? Who had access to it? What was produced? How was output verified? How was it delivered or mailed? What happened to the source file afterward?

That is the foundation.

From there, the IPL can help the institution see the larger picture: work that bypasses the shop, data sent to outside vendors, unmanaged devices printing sensitive content, or recurring workflows that need stronger documentation. The ownership line matters. The IPL is not responsible for configuring the district or campus fleet — that belongs with IT. The IPL is the person who understands what print work carries sensitive information, what chain of custody discipline exists inside the shop, and where the institution loses visibility when work leaves the shop.

What about the operational depth on the other pillars?

Accommodation chain of custody depth on student materials — IEP and 504 print, format-specification fidelity, the dignity-of-the-material framing — lives in Playbook 1. Web-to-print portal access controls, FERPA-compliant submission workflow, smart-locker chain of custody for controlled-handling material, and the operational service-delivery half of the institutional relationship live in Playbook 2. Variable data composition for advancement, admissions, and athletics outward-facing campaign work — the operational depth on the variable data workflow itself — lives in Playbook 3. The institution's overall print governance posture, the audit committee facing translation, and the General Counsel's exposure reduction case live here.

See the IPL Student Readiness Playbook (Playbook 1) →, the IPL Educator Capacity Playbook (Playbook 2) →, and the IPL Institutional Reach Playbook (Playbook 3) →

The scorecard

The Information Governance scorecard

These are the metrics most likely to matter in an Information Governance conversation. The first group sits closest to the IPL's direct control. The second group belongs to institutional partners, but the IPL can help surface, explain, or contextualize them.

The metric that travels furthest in an audit committee conversation is audit trail completeness on regulated content work — and it is the one you can build from your own shop's records, without waiting for a fleet report. If you take one metric forward this quarter, take audit trail completeness.

The governance rows of the Outcomes Scorecard. The first five sit closest to the IPL's direct control. The remaining four belong to institutional partners but benefit from the IPL's operational knowledge.
Metric What it shows How to use it
Chain of custody completeness Whether sensitive or regulated jobs have a complete record from intake through delivery and file disposition. Start with a quarterly sample. Score whether the shop can document requestor, source file, access, production, verification, delivery, and retention or destruction.
Variable data file handling record Whether admissions, advancement, athletics, HR, or other source files stayed inside the institution's controlled workflow. Track source system, file owner, record count, access, composition process, output verification, delivery, and final file disposition.
Regulated content job inventory Which shop workflows involve sensitive information. Use this to separate routine jobs from jobs that need elevated documentation.
Time to retrieve documentation How quickly the shop can answer a records question about a completed sensitive job. Test this quarterly. A useful target is same-day or next-business-day retrieval from shop records.
Outside vendor data exposure Which outsourced print jobs require the institution to send source data to an outside provider. Track vendor, job type, source data, transmission method, retention terms if known, and whether the job could move inside.
Cost and vendor visibility Whether outsourced print spend can be tied to departments, functions, vendors, and data handling needs. Use this with Finance to identify work that should be reviewed for cost, risk, or consolidation.
Shadow print exposure Which unmanaged or locally controlled devices produce sensitive work outside the shop. IT may identify the devices. The IPL can help identify what those devices are likely being used for.
Fleet security posture Whether institutional devices are configured, monitored, and governed according to IT's baseline. IT owns this metric. The IPL should understand enough to explain why device governance matters for print workflows.
Incident response readiness Whether the institution has a plan for print related data events. The IPL can help define realistic scenarios and make sure print workflows are represented.

If you only track three items this quarter, start with chain of custody completeness, variable data file handling, and outside vendor data exposure. Those three sit closest to the IPL's real authority — and they create the clearest bridge to Compliance, General Counsel, Finance, and IT.

The coalition

What each coalition cares about

The same governance gap sounds different depending on who is accountable for it.

IT cares about endpoints and configuration. Compliance cares about documented handling. General Counsel cares about vendor risk and incident response. Finance cares about cost visibility and vendor consolidation. The audit committee cares about whether print has been brought into the institution's overall governance posture.

Your job is to translate what the shop sees into language each partner can use.

Filter by chair

General Counsel / Office of Risk Management

General Counsel / Office of Risk Management — where institutional data leaves institutional control

For General Counsel, the question is where institutional data leaves institutional control.

When advancement, admissions, athletics, HR, or another office sends a personalized print job to an outside vendor, the source file usually carries donor PII, applicant PII, recruit PII, household relationships, giving history, or financial aid data. The vendor's MSA may say very little about how that data is held, by whom, for how long, or with what destruction terms. General Counsel often finds out the hard way — a vendor breach, a donor call about details that should not have been in the file, or a cyber insurance underwriter asking for the vendor list at renewal.

The in-plant can be the alternative. Variable data work for any office that touches institutional PII can stay inside the institution's data handling envelope.

The question she is actually asking: Where does institutional source data leave institutional control, and can the in-plant be the alternative that keeps the highest-stakes data inside the institution's handling envelope?

Common objections or skepticism: "I have not seen a vendor MSA review on the print side." / "Our cyber insurance underwriter asked for a vendor list last cycle and the answer surprised everybody." / "The variable data composition platform advancement is using sits on a vendor's server with terms I have not reviewed."

Proof points:

  • A recent variable data campaign produced inside the in-plant, with chain of custody documented end to end.
  • The commercial MSA the work used to flow through, with the data handling gaps named.
  • Outside vendor data exposure on variable data work: dollar figure, vendor count, gaps per vendor.
  • A documented incident response runbook for print related data events.
  • An offer to join the cyber insurance underwriter conversation at the next renewal.

What to bring: A recent in-plant-produced campaign with full chain of custody. The outside vendor data exposure analysis on variable data work. A representative commercial vendor MSA with the data handling gaps annotated. The CRM integration architecture on the in-plant's composition platform (SSO, role-based access, encrypted file transfer, audit trail).

Compliance Officer / FERPA Owner

Compliance Officer / FERPA Owner — records, not alarm

For Compliance, the question is whether the institution can show what happened when sensitive print work was produced. A compliance officer does not need dramatic language. She needs records.

She lives with regulatory exposure. Accommodation print under IDEA carries chain of custody requirements an audit can ask for. FERPA-regulated student records print has delivery documentation requirements a parental complaint can surface. State privacy statutes add a regulatory layer that does not depend on federal FERPA enforcement to bite.

What she wants from the in-plant is audit trail completeness on regulated content work — enough to answer a regulatory question with documentation rather than reconstruction.

The question she is actually asking: If the institution receives an OCR complaint on accommodation, an audit on student records, a state privacy inquiry, or a parental complaint on FERPA-regulated print, can the in-plant substantiate what was produced for which student or family, in which format, on which date?

Common objections or skepticism: "The IEP print last semester didn't all match the spec, and I can't tell whether the resource teacher's manual photocopies are still happening alongside the in-plant runs." / "Our state's student data privacy statute is stricter than FERPA, and I don't have a vendor disclosure picture that maps to it." / "Scan-to-email at the building copiers is wide open and that is a state statute exposure even before any federal question."

Proof points:

  • Audit trail completeness on regulated content work, broken out by accommodation and student records.
  • First-time-right rate on accommodation format work — the IDEA or 504 fidelity metric.
  • Time to retrieve on a sample records request, target under 24 hours.
  • A documented incident response runbook for print related data events.
  • A specific recent example of a regulatory question the in-plant answered with documentation rather than reconstruction.

What to bring: The most recent chain of custody audit results. The accommodation format recipe catalog. The incident response runbook. A specific recent example of a regulatory question the in-plant answered cleanly.

CFO / Business Manager

CFO / Business Manager — cost visibility and vendor consolidation

For Finance, the question is whether print costs and vendor exposure can be explained.

A K–12 CFO is accountable to the board, the taxpayers, and increasingly to FOIA requests. A higher ed CFO is accountable to the trustees, the auditors, and the rating agency that holds the institution's bond. Both share the same operational pain: print spend is real, but rarely visible at the granularity the board or auditor will ask for.

The vendor consolidation case is the IPL's strongest argument here. Outsourced print spend goes to vendors that may or may not meet the institution's data handling standards — and the institution is often paying retail on work the in-plant could absorb at production cost.

The question she is actually asking: Can the in-plant produce the cost visibility reporting the board and auditor will ask for, and can it document the vendor consolidation savings my office can quote in the budget conversation?

Common objections or skepticism: "I cannot tell from the current data how much athletics is spending on print versus special education versus the main office." / "The board asked what we spend on printing last year and the answer was the lease number, which everyone knew was incomplete." / "We have vendors holding print related institutional data and I do not know what their MSAs say."

Proof points:

  • Cost by cost center reporting completeness, at the granularity the board, auditor, and FOIA request would ask for.
  • Outside vendor data exposure analysis: annual outsourced print spend, vendor count holding institutional PII, unit economics delta on work the in-plant could absorb, and data handling gaps on the residual vendors.
  • Documented savings the in-plant has produced in the period, with the flywheel mechanics named: visibility, accountability, right-sizing, cost reduction, reallocation.

What to bring: The cost by cost center quarterly report. The outside vendor data exposure analysis with the data handling audit attached. The vendor consolidation roadmap. The in-plant's documented savings for the period, paired with the projection for the next budget cycle.

IT Director / CISO

IT Director / CISO — the workflow picture behind the devices

For IT, the question is whether print workflows are visible enough to be governed.

IT may know which devices are on the network, which are managed, and which have security settings in place. What IT may not know is what those devices actually produce. The in-plant leader does. She understands which workflows involve sensitive records — accommodation materials, admissions files, donor data, HR information, benefits materials, transcripts, financial documents — and can help IT identify which devices and workflows deserve closer attention.

The right posture is partnership, not platform ownership. IT brings the device data. The IPL brings the workflow picture. Together that produces a governance view neither side can build alone.

The question she is actually asking: Can the in-plant help me see the print workflow dimensions of the fleet's security posture — what data classifications are moving through which devices — in a way that my network scan does not tell me?

Common objections or skepticism: "The print fleet isn't on my weekly checklist; I don't have a baseline of where it is today." / "We had identity authentication on, and then a firmware update reset it and nobody noticed for six months." / "Our scan-to-email is wide open; I know it, and I haven't had bandwidth to fix it."

What the IPL brings to this conversation: Not a platform recommendation — IT owns the platform decision. The IPL brings the workflow picture: which devices are running regulated content work (accommodation, transcript, variable data), which unmanaged devices in classrooms and administrative offices are producing work IT does not know about, and where the chain of custody is most vulnerable on devices that are not on a managed platform. That picture does not come from a network scan.

Proof points:

  • A documented picture of what regulated content work flows through which devices, managed and unmanaged.
  • The shadow print exposure picture: unmanaged devices the in-plant knows about, what work they produce, and the data classification.
  • An offer to run a quarterly regulated content workflow review jointly — the in-plant on workflow, IT on configuration.
  • A standing offer to convene a tabletop exercise for print related data events with IT, Compliance, General Counsel, and the in-plant in the room.

What to bring: The workflow picture of regulated content work across managed and unmanaged devices. The shadow print device list the in-plant can contribute from operational knowledge. A reference to the Print You Can Trust pillar page for the platform depth IT will want.

Audit Committee / Board IT Subcommittee

Audit Committee / Board IT Subcommittee — print as a managed institutional asset

For the audit committee, the question is whether print has been brought into the institution's overall information governance posture.

This is a conversation the IPL is almost always carried into by a sponsor — typically the CFO or the IT director. The room is not evaluating fleet specifications. It is evaluating whether the print environment is being managed alongside the institution's other governance categories.

The in-plant's contribution is the governance metrics it owns directly: audit trail completeness on regulated content work, variable data file chain of custody, and vendor spend exposure. The institutional metrics — configuration baseline adherence, drift incidents, shadow print exposure — are produced by IT and Finance. The IPL's role is to understand them well enough to speak to the print workflow dimensions behind them.

The question the room is actually asking: Has the institution's print environment been brought into the overall information governance posture, or is it the unreviewed endpoint the external auditor will eventually surface?

Common objections or skepticism: "The print environment has not been in our annual audit; explain why we should care now." / "We have an external IT audit and the print fleet was not in scope; what should we expect the auditor to find when it is?" / "We are deciding capital allocation across ten priorities; explain why the variable data composition investment is on the list."

Proof points:

  • The annual governance report, with year-over-year trend on the headline metrics.
  • Audit trail completeness on regulated content work, broken out by accommodation, student records, and variable data.
  • Variable data file chain of custody as the headline exposure reduction number, paired with the outside vendor data exposure trend.
  • The vendor consolidation roadmap with the recommended capital allocation cadence.
  • The institution's position on the print governance continuum (Level 1 → 4), with the documented next move named.
  • The capital allocation request for the variable data composition platform, framed as exposure reduction with General Counsel's endorsement.

What to bring: The annual governance report. The CFO sponsor's cover memo and the IT director sponsor's sign-off. The capital allocation request with the payback and exposure reduction modeling. The IPL does not walk into the audit committee unsponsored; the CFO and the IT director are the sponsors, and the IPL has briefed them before the meeting.

The maturity path

Where your print governance stands today

Use this maturity model to place the shop's governance posture honestly. Keep the distinction clear: some levels describe what the IPL owns inside the shop. Other elements depend on institutional partners.

Level 1
Cost Center
Regulated print flowing without chain of custody documentation.
Read the full description

Sensitive jobs move through the shop, but documentation depends on email, staff memory, job tickets, or informal habits.

The work may be completed correctly, but the shop cannot easily show the full chain of custody. Source files may be saved inconsistently. Delivery confirmation may be partial. Retention or destruction may not be documented. Outside vendors may receive source data without a clear review process.

This is a documentation gap before it is a technology gap.

Level 2
Consulted
The shop has intake discipline, but the record is still incomplete.
Read the full description

The shop has a consistent intake path for sensitive work. Requestor, job type, file name, due date, and delivery method are captured. Operators understand which jobs need extra care. Some delivery or pickup records exist.

The chain of custody is improving, but the record is still incomplete. File access, source system, record count, output verification, and file disposition may not be consistently documented.

This level gives the IPL a foothold.

Level 3
Trusted Producer
Sensitive workflows have a complete documentation standard.
Read the full description

Sensitive and regulated workflows have a complete documentation standard.

For selected job types, the shop can show requestor, source file, source system, access, production path, output verification, delivery confirmation, and retention or destruction. Quarterly samples are reviewed. Gaps are corrected. Vendor exposure is tracked for work that leaves the institution.

This is the level the IPL can build from inside the shop.

Level 4
Campus Expert
The institution's named, auditable safeguard for PII.
Read the full description

The shop's governance practice is connected to the institution's broader IT, records, legal, finance, and compliance posture.

IT understands which print workflows involve sensitive information. Finance has visibility into outsourced print and vendor exposure. Legal reviews the highest-risk data handling arrangements. Compliance can retrieve documentation quickly. Shadow print is being reduced or brought under management. Senior leadership receives a simple governance report.

This level requires coalition work.

The most important move is Level 2 → Level 3. That is where the IPL turns good habits into auditable practice. Level 4 comes when institutional partners use that practice to improve the broader print environment.

The build-out

Six tracks for an Information Governance build-out

These tracks are sequenced by ownership. The first three sit closest to the IPL's direct control — buildable from the in-plant's own intake and analysis. The remaining three are coalition work: the IPL surfaces the picture and brings the evidence; IT and Finance act on it. Track 4 is kept deliberately light here — the operational depth on fleet security lives in the Print You Can Trust pillar page.

01
Variable data governance — keep the sensitive data inside the in-plant
Donor data, applicant data, recruit data, and personalized cultivation lists should stay inside the institution. Make the case and run the shop accordingly.
Read the full description

Variable data work is one of the strongest governance arguments for the in-plant.

Advancement, admissions, athletics, HR, and other offices may send personalized work to an outside vendor because the vendor has the template, mailing workflow, or data process already built. That can solve a production problem while creating a data handling question.

The in-plant can offer a better path when the shop has the right workflow. License a variable data composition platform inside the in-plant (XMPie, FusionPro, or Fiery variable data tools). Connect it to the institutional CRMs over secure channels. Apply role-based access. Document retention and destruction per the institution's records retention policy. For every variable data job, log the source file, the composition platform, the access record, the output verification, and the file disposition.

Then pilot one controlled workflow — an admissions mailing, a donor communication, a recruiting piece, or a benefits packet.

Measure: variable data file handling completeness, vendor work recovered inside the shop, documented exposure reduction case for General Counsel.

02
Audit trail discipline — document what flows through the shop
Every regulated content print job has a complete trail. Build the practice from your own intake records. No capital decision required.
Read the full description

Start with one sensitive workflow already moving through the shop. Choose something with enough volume to matter and enough documentation need to make the effort worthwhile.

For that workflow, define the minimum record the shop will maintain: requestor, source file name, source system, date received, record count where applicable, access by role or operator, production or composition method, output verification, delivery or mail confirmation, retention or destruction action.

Keep the process simple enough to use every day. A chain of custody standard that operators cannot maintain under peak volume will fail when it matters most.

Then build the quarterly habit: pull a sample of 10 jobs per regulated category, score traceability, fix the gaps, document the audit. A compliance officer's question — what was produced, for whom, in what format, on what date — should be answerable from shop records, not reconstructed from memory.

Measure: chain of custody completeness on regulated content work, time to retrieve documentation, audit-sample remediation cycle time.

03
Vendor consolidation analysis — the IPL's business case to the CFO
Bring the work inside; reduce the vendor count that holds institutional PII.
Read the full description

Work with institutional partners to identify print jobs that leave the institution with source data attached.

Do not start with every vendor. Start with recurring work that uses sensitive or personalized data. For each vendor-supported workflow, capture: office owner, vendor, job type, annual spend where available, source data included, transfer method, agreement status, and whether the in-plant could produce the work today.

For vendors that should stay outside, name what their MSAs should be tightened to — institutional data handling standards, not commercial defaults.

This is not a legal review. It is a visibility exercise the IPL can help initiate. The savings flywheel — visibility to accountability to right-sizing to cost reduction to reallocation — is the documented institutional outcome.

Measure: outside vendor data exposure trend, vendor count holding institutional PII trend, documented savings, recurring jobs reviewed and resolved.

04
Fleet security — know it, speak to it, reference the right page
The IPL is not deploying the fleet security platform. She is the person in the room who understands why configuration posture matters for the work her shop produces.
Read the full description

The IPL should not own fleet security. The IPL can help IT understand workflow risk.

Build a simple review with IT around one sensitive workflow at a time. Identify which devices touch the workflow, whether authentication or secure release is needed, whether unmanaged devices are involved, and whether the work could move to the in-plant or another managed path.

IT brings the device data. The IPL brings the workflow data. Together they produce a governance view neither side can build alone.

For the platform depth — OEM security baselines, cloud-managed drift detection, real-time remediation specifics — see the Print You Can Trust pillar page. That is the right reference for conversations with IT about what the platform options are and how they compare.

Measure: sensitive workflows jointly reviewed, workflows moved to a more governed path.

05
Shadow print exposure — surface the picture IT cannot see from a network scan alone
The IPL knows what those unmanaged devices in classrooms and administrative offices actually produce.
Read the full description

Shadow print often grows for understandable reasons. A person needs privacy, speed, control, or immediate output. Sometimes the device should stay. Sometimes it is a workaround that creates cost, security, or documentation problems.

IT can run a network discovery scan and produce a count of unmanaged print devices. What IT cannot produce from that scan is what those devices are actually printing. The desktop printer in the special education coordinator's office. The counselor's office printer that produces student-data reports nobody inventoried. The advancement side-room printer that runs donor briefings before a campaign goes to the in-plant.

The IPL knows. Not from a network audit — from the inside of the institution's print workflows.

Start with one sensitive category. Review where the work is produced today, why the workaround exists, what would make the governed path easier, and whether the in-plant can absorb the work without slowing the people who depend on it.

Measure: shadow workflows identified, workflows moved, documentation improved.

06
Strategic governance reporting — translate the work for the coalition
The in-plant's governance metrics, in coalition language, to the right rooms at the right cadence.
Read the full description

Once the shop has a baseline, turn it into a simple governance summary for the audit committee or board IT subcommittee.

Keep it short:

  • Sensitive work tracked
  • Chain of custody completeness
  • Variable data jobs handled inside the shop
  • Outsourced data-driven work identified
  • Shadow print workflows surfaced
  • IT, Finance, Compliance, or Legal actions needed
  • Recommended next 90-day step

The audience is not looking for production detail. It is looking for governed work, visible exposure, and a responsible next step.

Co-sponsor the summary with the CFO and the IT director. The IPL's credibility in that room is a function of the sponsors' credibility — and their willingness to carry the conversation is a function of the metrics the IPL has produced over the preceding quarters.

Measure: reporting cadence completion, capital allocation decisions made off the summary, year-over-year trend on the headline governance metrics.

Tracks 1, 2, and 3 build from inside the shop. Track 1 includes one capital decision — the variable data composition platform, funded on the General Counsel's exposure reduction case, not on print economics. Tracks 4, 5, and 6 are coalition work — surface the picture, bring the evidence, let institutional partners act. The IPL who walks into the coalition conversation with Tracks 1, 2, and 3 already documented is the IPL whose case gets heard.

The 90-day baseline

The 90-day Information Governance baseline

Choose one sensitive workflow and baseline it for 90 days.

Good starting points include a transcript run, accommodation packet workflow, admissions mailing, donor mailing, benefits enrollment kit, recruiting packet, financial aid communication, or multilingual family communication.

Track the workflow from source file to final disposition: workflow owner, source data used, file transfer method, access permissions, output produced, verification step, delivery or mailing confirmation, file retention or destruction, outside vendor involvement, and missing documentation.

At the end of the baseline, write a one-page summary. Name what was tracked, what sensitive information was involved, what documentation existed, what documentation was missing, what the shop can fix now, what requires institutional partnership, and what should happen next quarter.

That one page becomes the start of the governance conversation.

How to use it

How to use this in coalition conversations

Keep the conversation close to the work.

Do not start with print security as an abstract category. Start with a real workflow. Show how a transcript run moves today. Show how admissions data reaches the shop. Show where donor files go when advancement uses an outside vendor. Show how accommodation materials are documented. Show what is known about sensitive work produced outside the managed path.

Then translate the finding for the person in front of you. For IT, the message is: here is the workflow picture behind the devices. For Compliance, the message is: here is what we can document today. For General Counsel, the message is: here is where source data leaves institutional control. For Finance, the message is: here is the vendor and cost picture. For senior leadership, the message is: here is what the shop can govern now and what needs institutional review.

Bring three things: a specific workflow, a documentation sample, and a practical next step.

The next step should be concrete: a 10-job audit, a variable data pilot, a vendor exposure review, a joint IT workflow review, a shadow print category review, or a one-page governance summary. That is how the IPL turns operational knowledge into institutional trust.

Related playbooks

Where this playbook ends, three others begin.

Student Readiness

Accommodation print under IDEA and 504 — the chain of custody requirements, format recipe documentation, and IEP fidelity framing — lives in Playbook 1. Information Governance covers the institution-level audit trail and compliance reporting that accommodation production feeds into. Use Playbook 1 when the conversation is about production capability and format delivery; use this playbook when the conversation is about documentation, regulatory readiness, and compliance. See the playbook →

Educator Capacity

Web-to-print portal access controls, FERPA-compliant submission workflow, smart-locker chain of custody for material that requires controlled handling, and the operational service delivery half of the institutional relationship live in Playbook 2. Information Governance covers the governance posture and the audit committee translation of what Educator Capacity's operational systems produce. Use Playbook 2 for the workflow; use this playbook for the governance argument. See the playbook →

Institutional Reach

Variable data composition for advancement, admissions, and athletics campaign work — the operational depth on the workflow itself — lives in Playbook 3. Information Governance covers the data handling discipline that governs that same workflow: who holds the source data, how the chain of custody is documented, and what happens when the work goes to an outside vendor instead. Use Playbook 3 for the campaign and reach argument; use this playbook for the General Counsel and audit committee conversation. See the playbook →

Back-bridge

Bring the stakeholders up to speed

Need to bring your IT director, CFO, compliance officer, general counsel, or audit committee up to speed on why this matters?

The Education Information Governance & Compliance pillar page is written for them. It explains why print belongs in the institution's information governance posture, how sensitive information moves through print and scan workflows, and where documentation, vendor exposure, and device governance need attention.

Use this playbook to prepare the proof. Use the pillar page to help the coalition understand why the work deserves review. Send the link before the next governance review, not during it.

See the Education Information Governance & Compliance pillar page →

Closing

Start with one sensitive workflow.

You do not need to build the institution's full print governance posture in one quarter. Choose the sensitive workflow your shop already touches — a transcript run, an admissions mailing, an accommodation packet — document it for 90 days, and bring the chain of custody picture to the one coalition member who most needs to see it.

Then decide what the next 90 days should prove.

That is how the shop moves from the endpoint nobody has reviewed to the institution's print-data firewall.

Start a Discovery Conversation Download the Outcomes Scorecard

Deep reading

Variable Data Governance for University and District In-Plants: Keeping Institutional PII Inside the Data Handling EnvelopeTBD
Audit Trail Completeness for Regulated Content Print Work at the University and District In-PlantTBD
Vendor Consolidation Analysis for the University and District In-Plant: The CFO's Print Spend Audit and the General Counsel's Data Handling Audit, Side by SideTBD
The Printer IT Forgot About: How Personal Printers in Classrooms Create Hidden Privacy GapsTBD
What Is "Configuration Drift" — And Why It's the Biggest Print Security Gap in Most School DistrictsTBD
Building the Strategic Governance Report for Your Audit Committee: How the In-Plant Translates Print Fleet Governance Into Board-Quotable LanguageTBD