Skip to end of metadata
Go to start of metadata

 
ID or Short Name

 
Effective

 
Reviewed

 
Revised

Spring
14-15
Summer
14-15
Fall
15-16
Spring
15-16
Summer
15-16
Fall
16-17
Notes
Restricted Data
Management
07/201401/2015
(needs major)
07/2014

Policy &
Procedures
(major
revisoin)

Review
Procedures
(expect minor
revisions)

Review
Policy &
Procedures

 

 

 

Major changes to procedures expected in Spring 2015. Follow up changes to procedures also expected. Signficant policy revison to be considered approximately annually.

Vulnerability
Scanning
(to be renamed CDM)
08/200703/2015
(needs major)
08/2007ReviewRevise
(major)
Revise
(major)
   Needs to be greatly expanded to include not only scanning, but other means of assessing vulnerabilities, and the process of mitigating them. This is called CDM.
Policy Principles
& Procedures
08/200811/2014
(major)
04/2012

Major
revision
(cont)

Major
revision
(cont)

Major
revision
(cont)

   Major rewrite to adapt the Cornell policy process for use at UW-Madison. Will be an ongoing revision process, completion date TBD.
Password
Standard
(Credentials Policy)
02/200603/2015
(needs major)
02/2006Review

Revise
(major)

    Major changes needed to address the broader question of how to strengthen UW-Madison credentials.
Web Accessiblity06/200002/2015
(needs minor)
9/2013
(minor)

Review & Revise
(minor)

 

    Considering a minor revision to include a recommendation to work toward WCAG 2.0 A and AA compliance. Major work anticipated in 2016 or 2017 time range, as Section 508 changes.
IT Compliance
Agreement
08/201202/2014
(needs major)
08/2012Revision
(major)
Revision
(major)
(cont)
    Major revision planned as part of NetID activation re-design.

NetID
Eligibility

Approx.
09/1993

12/2014
(needs major)

10/2011
(minor)

 

Major
reorganization
planned

 

  

 

Major re-organization planned as part of NetID activation re-design. Policy itself will continue to change slowly.
Sensitive Info
Definition
01/200906/2014
(needs minor)
09/2010 Review
(could be minor or major)

 

   Proposed review by Data Stewards Group (DSG)

Copyright
Compliance Plan

06/2010

07/2014
(OK)

04/2012
(minor)

 

Review

    Routine review every summer. Few changes expected.
Cellular Phones08/200705/2014
(needs major)
08/2007

 

Telecom is
revising it
(major)

    Needs signfiicant work. DoIT Telecom is revising it. Completion date TBD.

IAccess

12/2009

05/2013

06/2013
(minor)

 

 

Review and
Revise

 

 

 

Compliance standards will need minor revision to incorporate changes in available services.

IReport

06/2009

06/2014
(needs minor)

08/2012
(major)

 

 

Revise
Policy &
Procedures

  

 

Needs minor changes to clarify how the policy and procedures relate to HIPAA.(Changes have already been drafted.)
NetID AUS01/200811/201312/2013
(minor)
  Review   Routine review. (Is a very stable document.)
UDS Responsible
Use
07/200506/201306/2013
(minor)
  Review   Routine review. (Is a very stable document.)

IEncrypt

06/2009

12/2014
(needs major)

09/2010
(minor)

 

 

Review and Revise
(major)

 

 

 

Major revisions expected. A draft revision was developed in 2012, and never published. Need to re-work the draft revisions again, with significant changes possible.

Responsible
Use

Approx.
09/1993

07/2011

08/2011
(major)

  Review   Routine review.

Non-UW
Apps & Srvs
See also
BYODandCloud

07/2009

03/2013

11/2013
(major)

 

 

Revise and Revise
(major)

   Supporting documents need significant work. BYOD and Cloud Services recommendations need to be incorporated.

EDevices

03/2004

07/2011
(OK)

03/2004
(major)

  Review   BYOD and Cloud Services recommendations need to be incorporated. Other changes possible.

 
ID

 
Effective

 
Reviewed

 
Revised

Spring
14-15
Summer
14-15
Fall
15-16
Spring
15-16
 Summer
15-16
Fall
16-17
Notes
Who has
Sensitive Info?
08/201206/2014
(needs minor)
08/2012   Review  Do we still need this document? Perhaps a question for the DSG?

IDispose

07/2008

10/2013
(OK)

02/2010
(minor)

   Review  Routine review of policy. Does not contain implementation procedures. Do we need them?
Email Servers10/200410/2012
(OK)
10/2004   Review  Routine review. Post O365 implementation, the document is less relevant, but is still needed.

COPE

02/2009

07/2013
(OK)

06/2009
(minor)

 

 

 Review  May need changes. Perhaps a question for the DSG?
IP (v4) Allocation08/200908/2011 (OK)08/2009    Review Routine review.
Telephone
Usage
01/200209/2012
(OK)
01/2002     ReviewRoutine review. (Is a very stable document.) Could accelerate this review.
Access to Faculty
& Staff Files
10/199112/2014
(OK)
10/1991     ReviewRoutine review. (Is a very stable document.) Could accelerate this review.
Computer
Logging
Statement
11/200512/2011
(OK)
11/2005     ReviewMay need to be reviewed sooner. May need significant revision. Action TBD.

Major and Minor changes

Minor changes do not substantially change what people must do to be compliant. Minor changes clarify the language or provide additional or enhanced options for compliance. There may be an announcement, but no formal rollout.

Major changes significantly adjust what is required for compliance. Major changes receive more review, vetting, endorsement and rollout.

Contact