IT PolicyExternal KB : IT Policy Activity, Apr 2019

IT Policy Activity, Apr 2019

Posted: 2019-03-26 07:38:13 Expiration: 2019-04-25 16:38:13

Disclaimer: This news item was originally posted on 2019-03-26 07:38:13. Its content may no longer be timely or accurate.

The itpolicy-announce list communicates policy changes and opportunities to participate in development. Anyone may join by sending a blank email to join-itpolicy-announce@lists.wisc.edu.

Previous month | Next month

Change History

Published on 03/28.

Opportunities to help shape IT policy

Of particular note during the 2018-2019 academic year:

A Continuous Diagnostics and Mitigation implementation plan is under development. It includes such things as: IT asset inventory management of both hardware and software, endpoint management, endpoint security, network monitoring, vulnerability scanning, firewall management, security information and event management (SIEM), account privilege management, incident reporting and response, encryption, and mobile device management (MDM). The CDM Advisory Group has been formed.
IT Credentials Policy and standards are under development. The policy will incorporate new and existing standards including such things as: identity assurance, authentication assurance, federated assurance, password standard, multi-factor authentication, and the appropriate use of credentials and access control services. A Credentials Drafting Team has been formed.
The Web Accessibility Policy and Procedures are under revision. The revised policy will be renamed the "Digital Accessibility Policy" and will cover more than web technology.
Several policies and standards are under review and revision in Spring of 2019:
- Access Control Services Policy and Standard (under IT Credentials Policy)
- Email Server Policy (will probably be retired)
- IP version 4 Allocation Policy (being evaluated for possible retirement)
- NetID Appropriate Use Standard (under IT Credentials Policy)
- Password Policy and Standard (under IT Credentials Policy)
- UDS Responsible Use Policy (under IT Credentials Policy)

For a more in depth presentation of major policy initiatives, please see: IT policies under development or revision
To comment, or otherwise get involved, please email policy@cio.wisc.edu.

New / Revised Documents

The Guest NetID Policy was revised to improve readability and update terminology. There was no substantive change in requirements.
The Restricted Data Security Management Policy and Procedures were revised to extend the initial period to Dec 31, 2019. During the initial period the policy only applies to SSN's.

Please see the Last Reviewed / Revised List for earlier activity.
For questions or comments, please email policy@cio.wisc.edu.

Endorsement / Approval Pending

There are currently no documents in the endorsement or approval process.

To comment, or suggest additional documents that need to be developed or revised, please email policy@cio.wisc.edu.

Forums / Events

The next IT Policy Forum will be Apr 23, 1:00-2:30, Rm 3139 CS.
Topic: IT Asset Inventory Management.

Please note the change in time and location.

To comment, or suggest future topics, please email policy@cio.wisc.edu.

Teams / Governance

Information Technology Committee (ITC)

Fri, Apr 19, 10:00-12:00, Room 3139 CS.

The Information Technology Committee is the faculty advisory body for policy and planning for information technology throughout the university. It is composed of faculty, academic staff and students.

Policy Planning & Analysis Team (PAT) and its subcommittees

Wed, Apr 17, 3:30-4:30, Rm 3139AB CS.
- Policy Review and Revision Procedures.
- The PAT is a subcommittee of ITC. Please see the PAT meeting schedule.
PAT Executive Committee (ongoing): Plans the PAT agenda and manages the PAT subcommittees. Please see the PAT EC meeting schedule.
PAT Subcommittees:
- Communications Subcommittee (ongoing): Communications of policy development and published IT policies, including IT Policy Forums, the IT Policy Knowledgebase, and policy-related web pages on it.wisc.edu. Please see the PAT Communications Meeting Schedule.
- Portfolio Subcommittee (ongoing): Organizing and managing IT policies as portfolios of related policies. Please see the PAT Portfolio Meeting Schedule.
- Process Subcommittee (ongoing): Monitoring and improving the process of IT policy development and review. Please see the PAT Process Meeting Schedule.

You are welcome to attend any of these meetings. For more information please contact policy@cio.wisc.edu.

Previous month | Next month

-- IT Policy: GARY DE CLUTE