head & managers forum update on it policies friday 13 th of september
TRANSCRIPT
Head & Managers ForumUpdate on IT Policies
Friday 13th of September
Purpose of IT Policies
• Provide clarification for staff and students on the acceptable usage of IT infrastructure and services.
• Provide a level of protection for staff, students and the University from the misuse of IT systems and services.
• Provide information to staff and students on how to get the most out of the services.
• Provide clarification for all staff on how to deal with and escalate issues.
Glossary
Policy: High level goals and rules on managing information technology and data in the University.http://www.ucc.ie/en/media/support/itpolicies/policies/SocialMediaPolicy.pdf
Procedure: Step by step tasks of workflows performed to achieve certain outcomes. They spell out how the policy will be implemented operationallyhttp://www.ucc.ie/en/media/support/itpolicies/procedures/AccessToStaffAccounts.pdf
Standards: Specify in detail how the University hardware and software should be used. http://www.ucc.ie/en/media/support/itpolicies/standards/BulkEmailStandards.pdf
Guidelines: Information and advisory notes on how best to use the services. These documents are not mandatory.http://www.ucc.ie/en/media/support/computercentre/trainingmanuals/BackUpandRestore.pdf
Policy Universe
Principles Confidentiality Integrity Availability Appropriateness
Policy Layers
Standards Layer
Password Standards
Website Standards
Anti-Virus Standards
End User Guidelines
(including portable devices Guidelines)
Procedural Layer
User Admin
Physical Access Change Management
Data Backups
D R Plans
Physical and Logical Layers
Compliance
Information policies
Data Protection
Data Privacy
Policy
Data
Management
Policy Business Controls
IT Security
3rd Party Hosting
IT Policies AUP
Social Media
Policy: Governance and Creation Process
Policy Drafted by IT
Approved by IS Management team
Significant input from AC IS&ER committee
Sent to colleges for review/ sign off
Sent to Academic Board and Council for
final approval
Approved by UMTO/Governing Body if required
Published on UCC website
http://www.ucc.ie/en/it-policies/
Sta
nd
ard
s,
Pro
ced
ure
s a
nd
Gu
ide
line
s a
re m
ost
ly
ap
pro
ved
he
re
Website link: http://www.ucc.ie/en/it-policies/
Inventory of Documentation
Policies Procedures Standards Guidelines
Acceptable Usage Access to IT Services Bulk Email Disposal of devices
Social Media Data Classification Connecting Equipment
Spam guidelines
Data Management Access to Staff account Structured Cabling Irish law and AUP
Information Security Access to student account Network points Portable devices
Policy Breach protocol Smartphones
UCC Official Social Media accounts
Encryption
UCC Other Social Media accounts
Software Licences
Pending Approval
External Hosting of Data Social Media Guidelines
Digital Estate GovernanceData Protection Policy
Questions