Creation, Review & Approval Process

Procedures

1. A new IT requirement may be initiated based on the need for broad application throughout the College. The Leader for College IT Research, Infrastructure, and Support in conjunction with the IT Leader for College Information Security & Policy under College ATS leadership direction will designate other IT members to assist in the drafting and development of the policy. During this draft phase the policy will be clearly labeled DRAFT: IT Policy and will use the IT policy template.
2. Once a draft has been completed, it will be reviewed by other IT members of College and UITS. Edits will be requested and included until all are satisfied with the draft.
3. The draft policy will then be moved into 'Review' status and renamed 'REVIEW' at which time it will be sent to the the UITS ATS leadership(s) for additional review and edits.
4. Ratification of College IT requirements are achieved after approvals from the UITS ATS leadership(s).
5. The IT requirement will be posted on the College Information Security & Policy Office (CISPO) policies page.
6. If the requirement has impact beyond the IT team technical operations, the College Information Security & Policy Office will send communications announcing the new requirement approval, the reason for the requirement and any potential impact.
7. The Leader for College Information Security & Policy will initiate an annual review of policies and request updates from members of the IT team, affected faculty and staff, and leadership of the College.
8. Reviews and revisions will be indicated by a history timestamp noted at the bottom of each policy.