Please report any problems to wiki-admin(a)lists.wisc.edu or use our support form. For more info Shared Tools KB

To follow disabled (grey) links, please log in to the wiki.

Skip to end of metadata
Go to start of metadata

Draft of 2017-2018 IT Policy Principles and Procedures

General description of the process. Still needs details related to IT Governance.

More detail about the individual steps of the 2017-2018 process

IT Policy Principles and Procedures FY 2016-2017

Information technology policy will be developed at UW-Madison using the following principles and procedures.

I. Rationale

 

It is necessary to implement IT policy to comply with federal and state laws, and to meet internal institutional needs. IT policy provides guidance, and establishes expectations for IT consumers and producers in the UW-Madison community. 

 

The IT Policy Principles and Procedures outline the process for creating and revising IT policy at UW-Madison. The policy development process is aligned with the Strategic Plan for Information Technology. Policy development procedures encourage collaboration and communication throughout the campus community, and provide a basis for sound planning practices that support strong decision-making. 

 

The principles and procedures detail a policy development process that:

  • is transparent,
  • aligns IT policies with institutional and local goals and needs,
  • ensures only needed policies are developed,
  • ensures policies are consistent,
  • ensures policies are appropriately reviewed, and
  • includes mechanisms for policy implementation and revision.

II. Scope

 

The IT Policy Principles and Procedures apply to all IT policy development at UW-Madison.

III. Roles and Responsibilities

             

1. Chief Information Officer and Vice Provost for Information Technology

 

The Chief Information Officer and Vice Provost for Information Technology is responsible for of IT policy development at UW-Madison. 

 

The CIO, along with advisors and assistants, leads IT policy in order to assure that:

  • Policies address compelling needs, are consistent with campus culture and strategies, and have appropriate scope and sponsorship.
  • There is transparent process, inclusive representation, appropriate review and revision, and practical implementation during development of IT policy.

2. Shared Governance

 

UW-Madison has a strong commitment to shared governance and distributed management. The governance and process for IT policy must incorporate stakeholders from throughout the institution.

Shared governance for IT policies is already in place. The Information Technology Committee (ITC) is the primary shared governance committee for IT policy. The involvement of shared governance helps assure alignment with institutional culture, and with the goals and needs of broad campus constituencies.

 

Role: The ITC and the CIO engage in an ongoing dialogue regarding the specifics of how shared governance should be involved in the policy development process.  

 

3. Deans, Directors and other Campus Executives

Executives can provide high-level coordination of IT policy with other areas of institutional policy. Executives help assure alignment with the goals and needs of schools, colleges and divisions, and they encourage the development of the institutional and local infrastructure and procedures needed to support compliance.

 

Role: One or more representative groups provide a high level coordination and sponsorship.

 

4. Operational–level management

Operational-level leaders assure alignment with the operational goals and needs of their units, integration of institutional policy with local policy and processes, and the development of local infrastructure and procedures to support compliance.

 

Role: One or more representative teams of operational level leaders and managers analyze the issues and make recommendations related to IT policy proposals.  These teams could be chartered by an executive level group of Deans and Directors. 

 

5. Technologists, Support Staff and Users

The involvement of technologists, support staff and user communities such as faculty, staff and students helps assure that a proposed policy is desirable and feasible from a technical perspective, and that compliance is practical for those creating, maintaining and using the related technical infrastructure or services.

 

Role: The operational level team(s) identified above charter policy issues teams to perform specific detailed research, provide specialized expertise, expand involvement by a broad spectrum of those affected (for example: faculty, staff and students) and provide other support to the operational level management team(s).

 

IV. Principles of the Policy Development Process

 

The policy development process is used to create new and revised IT policies, and supporting guidelines and standards for policy implementation. IT policy development can originate anywhere on campus, but development should follow these principles.  

 

Principle 1 – Collaboration

 

To ensure campus-wide input and collaboration, planning for new policy initiatives will incorporate needs from many venues and campus groups, including, but not limited to, the IT Strategic Plan, IT Policy Forums, and the Policy Planning Team.

 

Principle 2 – Success Factors for Planning

 

When planning policy development it is necessary to assure there is:

  • compelling need,
  • strategic alignment,
  • appropriate policy scope, and
  • executive sponsorship.

 

Principle 3 – Success Factors for Development  

 

Throughout the development process it is necessary to assure there is:

  • transparent process,
  • inclusive representation,
  • appropriate review and revision, and 
  • practical implementation. 

 

Principle 4 – Development Process

 

Policy development follows a designated process with specific sequential steps that must be followed under the direction of the CIO. See Appendix A.

 

Principle 5 – Resource Management

 

Rather than skip steps in the policy development process, it is better to adjust  the time and resources required to complete each step depending upon:

  • pre-existing consensus,
  • impact on the institution,
  • urgency of need, and
  • relative priorities. 

 

Principle 6 – Roles and Responsibilities

 

The roles and responsibilities described in Section III should be followed throughout the policy development process. 


V. Policy Development Practices  

 

1. Communication. Communication of IT policy development will occur at multiple stages during the development process.

  • Policy forums will be conducted by the CIO’s IT Policy Office to discuss policy development with the campus community.
  • To promote transparency and obtain campus input, individual policy teams will present the status of  initiatives at regular intervals.
  • Information on initiatives will be available on the IT Policy Development wiki. [1]
  • Official IT policies will be published in the IT Policy Knowledge Base. [2]

 

2. Participation. The CIO’s IT Policy Office encourages active participation by the campus community. Individuals are encouraged to participate on policy teams. 

 

3. Vetting. The CIO’s IT Policy Office engages stakeholders during the policy development process.

 

4. Campus Coordination of Development. IT policy development that originates outside the CIO’s IT Policy Office should coordinate with the CIO and follow the principles in section IV. 

 

5. Awareness and Training.   IT policies should be published with appropriate guidelines for IT user and producer implementation. 

 

VI. Policy Mandates

 

UW-Madison IT policies may be initiated, preempted or set by federal & state law, Regent and UW System policy, UW-Madison executive mandates.   

 

Due to urgent situations, the CIO may issue executive mandates or policies that are effective immediately. The mandate or policy will be reviewed following the principles and practices described in sections IV and V. 


Appendix A

Appendix B - Stakeholders in the IT Policy Process

 

This list is not comprehensive, but provides examples of individuals and groups who have a role in policy development. 

 

  • Information Technology consumers and producers
  • Faculty
  • Staff
  • Students
  • University Leadership
  • Faculty Senate
  • Wisconsin State Legislature
  • Information Technology Committee (ITC)
  • CIO’s IT policy office
  • Legal Services 
  • Internal Audit
  • Data Stewards
  • IT Policy Planning Team
  • Network Advisory Group (NAG)
  • Madison Technology Advisory Group (MTAG)
  • Identity Management Leadership Group (IMLG)
  • University Records Management Advisory Group (URMAG)

 

Appendix C - References

Glossary

https://kb.wisc.edu/itpolicy/glossary

IT Policy Office

policy@cio.wisc.edu

Published IT Policies

http://kb.wisc.edu/itpolicy/

Wiki for IT policy development

https://wiki.doit.wisc.edu/confluence/display/POLICY/

 

Appendix D – Revisions

Changes since 2009:

  • In 2015, adaptation of the Cornell policy process for use at UW-Madison. This was a substantive change designed to better engage University leaders when proposing and approving IT policy.
  • Many minor changes over time such as correcting links, updating lists, and streamlining language.

[1] The wiki is available at https://wiki.doit.wisc.edu/confluence/display/POLICY/   

[2] IT Policies are published at http://kb.wisc.edu/itpolicy/  

 

 

 
  File Modified
JPEG File General_Information_Policy_Process-2009-04-02HL.jpg FY 2009-2010 IT Policy Process Diagram May 18, 2009 by GARY W DECLUTE
JPEG File IT_Policy_Process-2011-03-03a.jpg FY 2010-2011 IT Policy Process Diagram Jul 18, 2011 by GARY W DECLUTE
Microsoft Word 97 Document IT Policy Principles and Procedures 4-2c.doc FY 2010-2011, 2011-2012, 2013-2014 and 2014-2015 IT Policy Principles and Procedures (DOC) Oct 04, 2016 by GARY W DECLUTE
Microsoft Word 97 Document IT Policy Principles and Procedures 4-2d.doc FY 2015-2016, and 2016-2017 IT Policy Principles and Procedures (with adaptations from Cornell) (doc) Oct 04, 2016 by GARY W DECLUTE
PDF File IT Policy Principles and Procedures 4-2d.pdf FY 2015-2016, and 2016-2017 IT Policy Principles and Procedures (with adaptations from Cornell) (pdf) Oct 04, 2016 by GARY W DECLUTE
Microsoft Word Document Outline of Policy Process-2017-06-12b(steps).docx Jul 14, 2017 by GARY W DECLUTE
Microsoft Word Document Outline of Policy Process-2017-06-12b(steps+substeps).docx Jul 14, 2017 by GARY W DECLUTE
Microsoft Word Document Outline of Policy Process-2017-07-13(steps+substeps+procedures).docx Jul 14, 2017 by GARY W DECLUTE
Microsoft Excel Spreadsheet IT Policy RACI Chart-2017-05-25.xlsx Jul 14, 2017 by GARY W DECLUTE
Microsoft Excel Sheet Policy-Initiative-Chart-2017-07-11.xls Jul 14, 2017 by GARY W DECLUTE
Microsoft Excel Spreadsheet IT Policy RACI Chart-2017-05-25a.xlsx Jul 25, 2017 by GARY W DECLUTE

Contact

  • No labels