IT PolicyExternal KB : IT Policy Activity, Mar 2018

IT Policy Activity, Mar 2018

Posted: 2018-02-28 09:00:00 Expiration: 2018-03-29 19:00:00

Disclaimer: This news item was originally posted on 2018-02-28 09:00:00. Its content may no longer be timely or accurate.

The itpolicy-announce list communicates policy changes and opportunities to participate in development. Anyone may join by sending a blank email to join-itpolicy-announce@lists.wisc.edu.

Previous month | Next month

Published on 2/28.
Endorsement / Approval Pending [ 3/02 UPDATE ]
Policy Planning and Analysis Team (PAT) [ 3/02 UPDATE ]
UW-Madison Information Security Team (UW-MIST) [ 3/02 UPDATE ]
New / Revised Documents [ 3/16 UPDATE ]
Policy Planning and Analysis Team (PAT) [ 3/21 UPDATE ]

Opportunities to help shape IT policy

The IT Policy Planning and Analysis Team (PAT) meets on the first Friday of the month, 1:30-3:00, in Rm 3139 CS. These meetings help determine the future direction of IT policy. You are welcome to attend.
There will be an IT Policy on April 26, 1:00-2:30, Rm 3139 CS. Topic: Digital Accessibility Policy.

New / Revised Documents

[ 3/16 UPDATE: The Cybersecurity Risk Management Policy and Implementation Plan were issued on March 16.]

See the Last Reviewed / Revised List for earlier activity.

Endorsement / Approval Pending

Network Firewall Policy
- The draft policy was reviewed by the Advanced Threat Protection Steering Committee (ATP SC) on Sep 21, the Policy Planning and Analysis Team (PAT), on Sep 26, and the UW-Madison Information Security Team (UW-MIST) on Oct 5. The PAT completed a policy analysis to accompany the policy when it is forwarded to IT governance this Spring. During February, the documents were further vetted with UW-MIST, the ATP Steering Committee, and others.
Password Policy and Standard.
- Started accelerated revision of the Password Standard in order to better align with UW System policy. The proposal is to move to the new guidance in NIST SP 800-63-3. For an overview of the new guidance see "How to select, manage & protect your passwords". [ 3/02 UPDATE: On 3/01 the consensus at UW-MIST was to move forward with the plan as quickly as practical. ]

To comment, or suggest additional documents that need to be developed or revised, please email policy@cio.wisc.edu.

Forums / Events

The next IT policy forum is April 26, 1:00-2:30, Rm 3139 CS. Topic: Digital Accessibility Policy.

To comment, or suggest future topics, please email policy@cio.wisc.edu.

Teams / Governance

Information Technology Committee (ITC)

Friday, Mar 16, 10:00-12:00, Room 3139 CS.
- [3/16 UPDATE: The ITC approved the Cybersecurity Risk Management Policy and Implementation Plan.]

Policy Planning & Analysis Team (PAT) and its subcommittees

PAT plenary meeting, Mar 02, Notes.
- Policy Process Sub-step Changes.
- Network Firewall Policy (revised). Discussion. [3/02 UPDATE: The PAT is continuing to revise the policy before sending it on the IT governance in April.]
- Aligning IT Policy with UW System Policy
- The PAT meets on the first Friday of the month, 1:30-3:00 in Rm 3139 CS. You are welcome to attend. See PAT meeting schedule.
PAT Communications Subcommittee meeting, Mar 21, Notes.
- Preparation for the April 26 IT Policy Forum.
- [ 3/21 UPDATE: IT Policy KB status and changes.]
- The PAT communications subcommittee meets on the third Wednesday of the month. You are welcome to attend. See Communications subcommittee meeting schedule.
PAT Executive Committee meeting, Mar 16, Notes.
- [ 3/16 UPDATE: Membership and Ground Rules.]
- [ 3/16 UPDATE: Status of Subcommmittees.]
- Planning for the Apr PAT plenary meeting.
- The PAT Executive Committee meets on the third Friday of the month. You are welcome to attend. See PAT EC meeting schedule.
Two ad hoc subcommittees are meeting: [ 3/16 Update: There are now five ad hoc subcommittees meeting.]
- [ 3/16 UPDATE: Encryption: Making recommendations on alignment with UW System policy.]
- [ 3/16 UPDATE: Incident Response: Making recommendations on alignment with UW System policy.]
- [ 3/16 UPDATE: IT Assets: Making recommendations on the defintion of IT Assets, in support of purchasing policy.]
- Policy Impact Subcommittee: Estimating and communicating the impact of new or revised IT policies.
- Policy Portfolio Subcommittee: Organizing IT policies into portfolios of related policies.
Your input is appreciated.

Contact policy@cio.wisc.edu.

UW-Madison Information Security Team (UW-MIST)

Mar 1, Notes.
- Plan to Revise the Password Policy and Standard [ 3/02 UPDATE: The consensus was to move forward with the plan as quickly as practical. ]

Contact cybersecurity@cio.wisc.edu.

Previous month | Next month

-- IT Policy: GARY DE CLUTE