University of Wisconsin KnowledgeBase : IT Policy Activity, May 2018

IT Policy Activity, May 2018

Posted: 2018-04-23 07:00:00 Expiration: 2018-05-31 17:00:00

Disclaimer: This news item was originally posted on 2018-04-23 07:00:00. Its content may no longer be timely or accurate.

The itpolicy-announce list communicates policy changes and opportunities to participate in development. Anyone may join by sending a blank email to join-itpolicy-announce@lists.wisc.edu.

Previous month | Next month

Change History

May announcements published on 4/26.
Updated May 15.

Opportunities to help shape IT policy

The Information Incident Reporting and Response Policy and Procedures will be reviewed and revised this Summer and Fall by the newly formed PAT Incident Response Subcommittee. You are welcome to attend.
The PAT Policy Portfolio Subcommittee helps organize IT policies into topic-oriented portfolios, for example, Cybersecurity Access Control, Digital Accessibility, or IT Resource Management. Over time, the Subcommittee will systematically cycle through the portfolios and make recommendations to the PAT on the organization, maintenance, and expansion of the documents. You are welcome to attend.

To comment, or otherwise get involved, please email policy@cio.wisc.edu.

New / Revised Documents

See the Last Reviewed / Revised List for earlier activity.

For questions or comments, please email policy@cio.wisc.edu.

Endorsement / Approval Pending

The draft Network Firewall Policy is being reviewed by IT governance.
Accelerated revision of the Password Standard is occurring this Summer in order to better align with UW System policy. The proposal is to move to the new guidance in NIST SP 800-63-3. For an overview of the new guidance see "How to select, manage & protect your passwords". The recently formed IAM Council will make recommendations.
Review and revision of the Information Incident Reporting and Response Policy and Procedures is underway this Summer and Fall. The PAT Incident Response Subcommittee will make recommendations.
Accelerated review and revision of the Storage and Encryption Policy and Standard is under way this summer in order to better align with UW System policy. The PAT Encryption Subcommittee will make recommendations.

To comment, or suggest additional documents that need to be developed or revised, please email policy@cio.wisc.edu.

Forums / Events

The next IT policy forum will be in early August. Topic: TBD.
The previous IT policy forum was April 26. Topic: Digital Accessibility Policy.

To comment, or suggest future topics, please email policy@cio.wisc.edu.

Teams / Governance

Policy Planning & Analysis Team (PAT) and its subcommittees

PAT plenary meeting, May 4, Notes.
- Review of draft UW System Perosnal Data Privacy Policy.
- Small group exercise to check ability to classify data.
- Review status of alignment with UW System policies.
- The PAT meets on the first Friday of the month, 1:30-3:00 in Rm 3139 CS. You are welcome to attend.
PAT Communications Subcommittee meeting, May 16, Notes.
- Review of the April 26 IT Policy Forum.
- Discussion of "Guide pages" on the IT web site.
- The PAT communications subcommittee meets on the third Wednesday of the month, 10:00-11:00, Rm 2281 CS. You are welcome to attend.
PAT Executive Committee meeting, May 18, Notes.
- Receive preliminary reports from the IT Assets Subcommittee and the Encryption Subcommittee.
- Planning for the Jun PAT plenary meeting.
- The PAT Executive Committee meets on the third Friday of the month, 2:15-3:15, Rm 2147 CS. You are welcome to attend.
Other PAT Subcommittees:
- Encryption Subcommittee: Making accelerated recommendations on alignment with UW System policy. 5/09 Notes. 5/16 Notes.
- Incident Response Subcommittee: Review and revision of the UW-Madison Information Incident Reporting and Response Policy and procedures. 5/14 Notes. There will be a "table top exercise" in June to check the curent procedures. Next subcommittee meeting will be in July.
- IT Assets Subcommittee: Making accelerated recommendations on the definition of goods and services for which the acquisition or contracting is subject to IT governance policies and procedures. 5/07 Notes. Next meeting is 5/23, 2:30-3:30, Rm 2281 CS.
- Policy Impact Subcommittee: Estimating and communicating the impact of new or revised IT policies. Next meeting is waiting for feedback from IT governance on the analysis of the Network Firewall policy.
- Policy Portfolio Subcommittee: Organizing and managing IT policies as portfolios of related policies. Next meeting will be Wed, May 30, 3:30-4:30, Rm 2147 CS.
- For more information please contact policy@cio.wisc.edu.
Policy-related activity by other teams:
- IAM Council: The team is newly formed. The first policy-related topic will be accelerated recommendations on alignment of the UW-Madison Password Standard with UW System policy. First meeting was May 2. Next meeting is May 24.
- SETA Steering Committee: Team is forming. The first policy-related topic will be the SETA Implementation Plan.
- For more information please contact policy@cio.wisc.edu.

Previous month | Next month

-- IT Policy: GARY DE CLUTE