计算的政策, standards and associated guidelines 是 formulated to direct and guide University practices, to help ensure compliance with laws, regulations and requirements, and to assist the University in reaching long-term goals. By establishing specific requirements for all members of the university community, policies and standards connect the university's mission to individual conduct, institutionalize impartial expectations, mitigate institutional risk, and enhance productivity and efficiency in the university's operations.
Policy and Standard Development
Newly created policies and standards, or changes to existing ones, can be triggered by a variety of factors, 如:
- A change in law, rule or regulation
- A weakness in the current structure
- To correct behavior or reduce risk
- An organizational change
- To streamline operations
- A new technical opportunity
- Periodic review and updates
的 Information 技术 Advisory Committee (ITAC) is appointed by the University and represents various campus constituencies. ITAC is charged with the review of draft policies and standards and assists with the vetting of these proposals. IT standards 是 reviewed annually by ITAC.
For background or information on these policies, or to provide feedback on drafts, please contact Kate Rhodes, Chief Information Security Officer, at kprhodes@guoyao100.net.
政策
大学政策 是 statements of management philosophy and direction, established to provide direction and assistance to the university community in the conduct of university mission and objectives. 的 following University policies address information technology:
- 3500: Use of Computing 资源
- 3501: Information 技术 Access Control
- 3502: Information 技术 Infrastructure, Architecture, and Ongoing Operations
- 3504: Data 政府 Policy
- 3505: Information 技术 Security Policy
- 3506: Electronic Communication Policy for Official University Business
- 3507: Information 技术 Accesibility Policy
- 3508: Information 技术 Project Management
- 3509: 软件 Decision Analysis Policy
标准, 程序 and Guidelines
它的标准 specify requirements for becoming compliant with University IT policies, other university policies, as well as applicable laws and regulations. 标准 may include technical specifications and 是 mandatory.
程序 and guidelines 是 methods for complying with prescribed standards developed by ITS operational units. 的se normally include step-by-step instructions and useful or required forms. 的se procedures and guidelines should be followed to ensure compliance with all standards and policies.
For reasons of security or content, many procedures and guidelines 是 not published; however, such procedures may be requested and provided upon request from the operational unit. 的 procedures and guidelines that 是 published 是 intended to give direction to system owners, data owners and users in particular situations.