a model for it policy development marilu goodyear & beth forrest warner university of kansas...
TRANSCRIPT
A Model for IT Policy Development
Marilu Goodyear &
Beth Forrest Warner
University of Kansas
Educause 2001 October 29, 2001
Copyright Marilu Goodyear and Beth Forrest Warner, 2001.
This work is the intellectual property of the authors. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the authors. To disseminate otherwise or to republish requires written permission from the authors.
University Environment
Resistant to change Diffuse and collaborative decision-
making processes Differing levels of technology use and
understanding
University Values and Mission
Core values: Teaching Research
Mission: Teaching students Contributing to the growth of knowledge
Means of accomplishing the mission? Constantly changing…
Key to Successful IT Policy
Consistent with University values and mission
Developed through consensus Explicit issues Informed participants
Where to Begin?
Lists of complaints and problems
vs.
A shared framework of values
Underlying Requirements
Articulated values of the university Informed participants in the policy
process
The University of Kansas
Established 1866 Comprehensive educational & research
environment 27,800 students 2,000+ faculty Distributed campuses / facilities 14 major academic divisions Carnegie Research University I
Information Technology at KU
Central and distributed IT services Central services include:
Academic computing support Email University web services Supercomputing Enterprise systems (PeopleSoft) Network and telephone systems Datawarehouse development Library and Digital Library services Printing and mail services
KU’s IT Policy Responsibilities
Vice Chancellor for Information Services Issues include:
Copyright infringement (DMCA) Email harassment Commercial services on the University
network And, lots more…
KU’s Policy Framework
Access Freedom of expression Privacy Intellectual Property Security Effective use of resources Records management
Access: Open Flow of Information
The University maintains access to local, national, and international sources of information and communication mechanisms for the expressed purpose of supporting the teaching, research, and service mission of the University. Information resources will be used by members of the community with respect for the public trust through which they have been provided and in accordance with the law and policies established by the State of Kansas, the Board of Regents, and the University and its operating units.
Access
Access to systems, i.e. eligibility for services
Domain name use Remote access Solicitation
Freedom of Expression
Freedom of expression and an open environment to pursues scholarly inquiry and for sharing of information are encouraged, supported and protected at the University of Kansas. Censorship is not compatible with the goals of the University. The University will not limit access to any information based on its content, which meets the standard of legality.
Freedom of Expression
Freedom of speech Exceptions
Libel Slander Harassment Commercial & personal use of resources Advertising Obscenity
Privacy
The general right of privacy is extended to the extent possible to the electronic environment. The University and all electronic users should treat electronically stored information in individual files as confidential and private. Content should be examined or disclosed only when authorized by the owner, approved by an appropriate university official, or required by law.
Privacy
Exceptions for Open Records Effective administration Administrative review Legal search warrants
Intellectual Property
U.S. Constitution: “promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors exclusive Rights to their respective Writings and Discoveries.”
Rights of the creator vs. rights of users Current copyright controversy…
Intellectual Property
The University supports the production of intellectual property by faculty, staff and students for the benefit of the institution and society. All users of electronic information have a personal responsibility to recognize and honor the intellectual property of others.
Plus – concepts and responsibilities of Fair Use
Security
Academic and administrative information processing, telecommunications, and related technology are critical academic and business tools of the University of Kansas. Inappropriate exposures of confidential and/or sensitive information, loss of data, inappropriate uses of computer networks, and risks of physical damage can be minimized by compliance with reasonable standards, attention to the proper design and control of information systems, and sanctions for violations of security policy.
Security Practices
Passwords Virus protection Other measures…
Effective Use of Resources
The University provides information technology resources to the campus community for everyone’s use. These assets should be used equitably and responsibly. The University expects all users to be effective network citizens. The University attempts to maintain high performance of these resources for the benefit of all. Individual users or processes may be identified as using an inordinate amount of resource. Priority is always given to activities that support the University’s mission of instruction, research, and service. Non-academic student use will receive a lower priority.
Effective Use of Resources
Disruptive Network Traffic Limitations on:
Broadcast Messages Peer to peer software use Chain mail
Records Management
New information technologies have transformed the ways Universities create, use, disseminate, and store information. These new technologies offer a vastly enhanced means of collecting information for and about members of the University community, communicating with state government, and documenting the business of the University. It is the University’s obligation to manage and preserve its records to document our history and to provide access to the citizens of Kansas.
Records Management
Definition of public records Open Records process Records retention policies & processes Guidelines for electronic mail use and
retention
Policy Website Organization
Policy language
+
Background & contextual information
=
Informed participants
Policy Information Organization
Policy language University policy Board of Regents policy State laws and/or regulations Federal laws and/or regulations State and Federal court decisions Other relevant background information
Resources Referenced
THOMAS Legal Information Institute FindLaw U.S. Copyright Office UT System Intellectual Property website Local University and State websites
Delivery Mechanism
Easy access Easily updated Easy to include relevant background
information Feedback mechanisms
Policy Stakeholders
Development Process
Identify stakeholders Identify existing policy and relevant
background information Develop new policy language Invite review and feedback via website Revise as needed
http://www.ku.edu/~vcinfo/IT_policy/process.htm
Conclusions
Process works to: Create essential IT policy language Highlight gaps in non-IT policy language Initiate discussions of responsibilities Develops sense of shared ownership
Reinforces recognition that technology is a means to an end – not the end itself
Reinforces sense of shared values Results in consistent and enduring policies
Questions???
Marilu Goodyear
Beth Warner
University of Kansas, IT Policy Website
http://www.ku.edu/~vcinfo/IT_policy