Appendix A. A first draft of IT Policies that
Provide Direction for the UM IT environment
Explicit UM IT Policies (Values/Attitudes)
University Administrators must be proactive in managing and monitoring the
computing software used on the machines in their departments or schools.
Copying protected software also conflicts with the fundamental values of the
University community regarding intellectual property.
SPG 601.3-1 (Management of Copyrighted Software)
It is the policy of the University to maintain access for its community to
local, national and international sources of information and to provide an
atmosphere that encourages access to knowledge and sharing of information. It
is the policy of the University that information resources will be used by
members of it's community with respect for the public trust...
SPG 601.7 (Proper Use of Information Resources)
Electronic mail and computer files are considered private to the fullest extent
permitted by law. Ordinarily, access to electronic mail or computer files
requires permission of the sender/recipients of a message or the owner of the
file, court order, or other action provided by law.
Standard Practice Guide-SPG 601.11 (privacy of Electronic Mail and Computer
ITD will encourage, support and protect freedom of expression and an open
environment for sharing information. Censorship is incompatible with the goals
of an institution of higher education. Individuals should not be unwittingly
exposed to offensive materials by the deliberate and knowing acts of others,
but instead, should be allowed to choose what they wish to access for their own
Whitaker memo to 3D's on "Potentially Offensive Material from Electronic
B.Implicit UM IT Policies (Values/Attitudes)
ITD will provide products and services that can be most cost effectively
provided in a centralized fashion. ITD will leave to units and departments the
provision of those services most cost effectively provided in a decentralized
fashion. For example, ITD will provide shared access to special purpose
Policy on centralized vs. decentralized?
ITD will provide funding mechanisms that meet the needs of both the institution
and the individual. For example, mechanisms that encourage migration to new
services. Mechanisms that don't penalize old services that continue to provide
ITD as a first choice, will attempt to buy products and services. ITD will
work with vendors to develop (future) products that work in our environment.
Only if such products and services are not available, will ITD consider
developing products and services.
Policy on when to buy/build?
- ITD will support and encourage within limits a multi-vendor product environment
since that provides choice to users and encourages competition among vendors.
Policy on how many and what vendors?
- ITD will consider data, like people, money and facilities, as an institutional
Policy on ownership, stewardship of data.
- ITD will provide security and control mechanisms that will guarantee the
information privacy rights of individuals. In addition, ITD will guarantee the
integrity of information.
Policy on information security, privacy, and integrity.
- ITD will provide smooth, timely migration paths to new services.
Policy on how/when we migrate to new services. How long old services will
remain in use
- ITD will be involved in new technology pilots/prototypes. Business requirements
rather than technology preferences will drive decisions. ITD will accept risk
commensurate with anticipated benefits to our customers.
Policy on pilots/prototypes, risk/benefit analysis?
Appendix B. - A first draft of IT Principles that
Provide Direction for the UM IT environment.
UM IT Principles (Goals/Design Objectives)
ITD will provide standard, centralized infrastructure services specifically
for use by other IT service providers around campus.
ITD will enable easy end user access to enterprise information/data
ITD will promote the cross functional integration of the University's systems
ITD will leverage information technology advances (to solve business problems)
ITD will deliver services and solutions that have enterprise wide benefits
ITD will take a process oriented instead of task oriented view of the
ITD will take a data centric as well as a process centric view of the
ITD will provide solutions that enforce restrictions on access as needed
ITD will provide solutions/services that operate in an open systems environment
and support open interface standards.
ITD will provide solutions/services that allow integration of process and data
as close as possible to customers
ITD will provide solutions/services that conform to the security and control
requirements of the University.
ITD will provide one (non-redundant) authoritative copy of institutional data
ITD will provide the most cost effective solutions/services possible.
ITD will provide solutions that maximize data sharing
ITD will provide solutions/services that support interoperability of
applications and data
ITD will provide solutions/services that are independent of platform (portable)
and as transparent as possible across platforms
ITD will provide solutions/services with consistent user interfaces within
platforms and as transparent as possible across platforms.
ITD will provide standardized, ubiquitous network access to all it's
ITD will provide for the coexistence of legacy and new services/solutions
during a transition period and a migration path from legacy to new.
ITD will provide solutions/services that are desktop focused
ITD will provide solutions/services that support a distributed computing
ITD will provide solutions/services in a generalized standardized modular
ITD will provide sharable services with common functionality
ITD will provide solutions/services that support the following list of
ITD will provide solutions/services that are...:
- high performance
- non-interfering and non-conflicting