University of Wisconsin KnowledgeBase : IT Policy Activity, Jun 2018

IT Policy Activity, Jun 2018

Posted: 2018-05-31 07:00:00 Expiration: 2018-06-28 17:00:00

Disclaimer: This news item was originally posted on 2018-05-31 07:00:00. Its content may no longer be timely or accurate.

The itpolicy-announce list communicates policy changes and opportunities to participate in development. Anyone may join by sending a blank email to join-itpolicy-announce@lists.wisc.edu.

Previous month | Next month

Change History

Published on 5/30.
Updated 6/13.

Opportunities to help shape IT policy

The Information Incident Reporting and Response Policy and Procedures will be reviewed and revised this Summer and Fall. The PAT Incident Response Subcommittee will make recommendations. Meetings will soon be scheduled. You are welcome to attend.
The Encryption Policy and Standard will be reviewed and revised this Summer and Fall. The PAT Encryption Subcommittee will make recommendations. Meetings this month are on Wed, Jun 6 and Wed, Jun 13, both at 3:30-4:30 in Rm 2147 CS. You are welcome to attend.
The Password Standard will be reviewed and revised this Summer. The Identity and Access Management Council (IAM Council) will make recommendations. Following that, work will begin this Fall on a new "credentials policy", (exact policy name TBD,) to cover passwords, multi-factor authentication, identity assurance, and more. Please contact policy@cio.wisc.edu for more information.
The PAT Policy Portfolio Subcommittee helps organize and manage topic-oriented portfolios of IT policies. The team is currently working on the Digital Accessibility portfolio, of which Web Accessibility is a significant part. Next meeting is Wed, Jun 20, 3:30-4:40, Rm 2147 CS. You are welcome to attend.
The Web Accessibility Policy and Procedures will be reviewed and revised during the 2018-2019 academic year. Current plan is to form a policy stakeholders team, to begin meeting in October. Please contact accessibility@cio.wisc.edu or policy@cio.wisc.edu if you are interested in participating.

To comment, or otherwise get involved, please email policy@cio.wisc.edu.

New / Revised Documents

See the Last Reviewed / Revised List for earlier activity.

For questions or comments, please email policy@cio.wisc.edu.

Endorsement / Approval Pending

The draft Network Firewall Policy is being reviewed by IT governance during June.
Accelerated revision of the Password Standard is occurring this Summer in order to better align with UW System policy. The proposal is to move to the new guidance in NIST SP 800-63-3. For an overview of the new guidance see "How to select, manage & protect your passwords". The recently formed IAM Council will make recommendations.
Accelerated review and revision of the Storage and Encryption Policy and Standard is under way this summer in order to better align with UW System policy. The PAT Encryption Subcommittee will make recommendations.

To comment, or suggest additional documents that need to be developed or revised, please email policy@cio.wisc.edu.

Forums / Events

The next IT policy forum will be on August 2nd or 3rd. Details TBD.

To comment, or suggest future topics, please email policy@cio.wisc.edu.

Teams / Governance

Policy Planning & Analysis Team (PAT) and its subcommittees

No Policy Planning and Analysis meeting in June.
- The PAT meets on the first Friday of the month, 1:30-3:00 in Rm 3139 CS. You are welcome to attend.
PAT Executive Committee meeting, Notes.
- Receive reports from the Portfolio Subcommittee, IT Assets Subcommittee, and Encryption Subcommittee.
- Planning for the Jul PAT plenary meeting.
- The PAT Executive Committee meets on the third Friday of the month, 2:15-3:15, Rm 2147 CS. You are welcome to attend.
PAT Subcommittees:
- Communications Subcommittee (ongoing): Communications of policy development and published IT policies, including IT Policy Forums, the IT Policy Knowledgebase, and policy-related web pages on it.wisc.edu. Next meeting is Wed, Jun 20, 10:00-11:00, Rm 2281 CS.
- Encryption Subcommittee (Summer 2018): Making accelerated recommendations on alignment with UW System policy. Next meeting is Jun 13, 3:30-4:30, Rm 2147 CS.
- Incident Response Subcommittee (Summer and Fall 2018): Review and revision of the UW-Madison Information Incident Reporting and Response Policy and procedures. There will be a "table top exercise" in June to check the curent procedures. Next subcommittee meeting will be in July.
- IT Assets Subcommittee (Summer 2018): Making accelerated recommendations on the definition of goods and services for which the acquisition or contracting is subject to IT governance policies and procedures. Next meetings is Jul 11.
- Impact Subcommittee (Summer and Fall 2018): Developing methods for estimating and communicating the impact of new or revised IT policies. Next meeting is waiting for feedback from IT governance on the analysis of the Network Firewall policy.
- Portfolio Subcommittee (ongoing): Organizing and managing IT policies as portfolios of related policies. Next meeting will be Wed, June 20, 3:30-4:30, Rm 2147 CS.
- Process Subcommittee (ongoing): Monitoring and improving the process of IT policy development. Most recent meeting was June 11. Notes.
- For more information please contact policy@cio.wisc.edu.
Policy-related activity by other teams:
- IAM Council: Working on recommendations for revision of the Password Standard, and on implementation of multi-factor authenticaion. Meetings this month are Jun 6 and Jun 19.
- For more information please contact policy@cio.wisc.edu.

Previous month | Next month

-- IT Policy: GARY DE CLUTE