Approved May 12, 2005

  1. The policy is drafted by the Office of Information Services (or another campus organization or department may refer a draft policy to OIS).
    • OIS distributes the draft policy as soon as possible to the ITC membership and seeks initial feedback.
    • OIS schedules the policy for discussion at the next available ITC meeting.
  2. The policy is read and discussed at the ITC meeting.
    • Feedback is provided by ITC members and their represented organizations.
    • It may be determined that more feedback will be required before approval decision can be made.
    • The document may be revised as directed by the ITC (within state guidelines).
    • The ITC may choose to vote to make the proposed document effective as an "interim policy" until the final policy is approved.
  3. The ITC votes to approve or disapprove the policy, or to table the policy to the next meeting.
  1. Upon ITC approval the policy is forwarded to the President for final approval.
  1. Upon the President’s signature the policy becomes effective and if an interim policy was in place, it is replaced by the approved policy.
  1. OIS and/or other campus organizations develop a plan for education and policy compliance.  A report of these activities is provided to the ITC.
  1. Policies will be reviewed when the technology or environment changes, but every policy should be reviewed within five years of approval.
  1. The policy review process will follow the same steps as described for new policies.

The responsibility for the management of the IT policy process will be the Office of Information Services and will be part of the position responsibilities of the IT Security Officer.