Search JMU Web | Find JMU People | Site Index   
Vice President

AVP Human Resources, Training & Performance
  James Madison University

PUBLISHER:
Human Resources
MSC 7009,
Harrisonburg, VA 22807
PHONE: (540) 568-3825


FOR INFORMATION CONTACT:
Human Resources

Privacy Statement
Last Modified: 8/15/2008
Policy #1201
Information Technology Resource Management

Date of Current Revision: September 2006
Responsible Officer: Assistant Vice President for Information Technology
  1. PURPOSE

    This policy establishes general requirements and responsibilities associated with the management and use of computing and telecommunications resources and services at James Madison University.

  2. AUTHORITY

    The president gives IT responsibility for compliance with all policies and standards promulgated by the Commonwealth of Virginia related to technology and for formulating guidelines, policies and procedures to be adopted by the university for acquisition, implementation, documentation and use of information technology resources. IT also provides and manages a variety of computing facilities and services for the university.

  3. DEFINITIONS

    Workstations:
    Generally synonymous with the personal computer, desktop computer, or microcomputer, such as a Windows PC or Macintosh, but it can refer to any kind of small computer.

    Shared Central Computers:
    Computers managed centrally by IT that house applications shared by university users such as e-mail and HRMS.

    Network:
    A system or systems of hardware and software that transmit any combination of voice, video and/or data between users or systems. The network includes the network operating system in the client and server machines, the cables connecting them and all supporting hardware in between such as bridges, routers and switches.

    End User Computing:
    Computing activities and resources intended primarily to support the needs of the department or unit developing or purchasing the application. EUC applications typically reside on workstations. EUC applications used to conduct University business must be adequately documented and secured in order to ensure continuity of service or operations. An EUC application may be developed in-house or purchased as a turnkey package from a commercial vendor.

    Access Control:
    A mechanism for controlling the right to view or use systems and/or data, for example, passwords and user identification numbers.

  4. APPLICABILITY

    This policy applies to all data, computing and telecommunications resources owned, operated or contracted by James Madison University.

  5. POLICY

    James Madison University provides a wide range of information technology resources including microcomputers, shared central computers, voice, data and video networks, and remote access to other facilities. These resources are available for academic instruction, faculty and student research, office automation, and administrative processing. They are supported by an appropriate mix of consulting, training, maintenance, and support services.

    Misuse of university computers, communication devices, data or other information technology resources is a serious offense. Misuses of information technology resources include, but are not limited to, improperly using university data, computer equipment, software or other resources, accessing university computers with a stolen or illegitimate user identification, and compromising the security or performance of shared computer or communication systems. Specific requirements related to appropriate use are outlined in Policy 1207 (Appropriate Use of Technology Resources).

  6. PROCEDURES

    More detailed requirements, instructions, and procedures for use of the university's information technology resources are specified in JMU Computing Standards established and maintained by Information Technology (IT) at www.jmu.edu/computing/standards.

  7. RESPONSIBILITIES

    7.1 General Responsibilities

    Information Technology
    Information Technology (IT) has overall responsibility for ensuring that effective information technology resource management takes place within the university. Establishing and implementing plans, policies, procedures, and practices that protect and direct the university's information resource investment and assure its confidentiality, availability, integrity, and effective use of these resources by the university community are central to this effort.

    To address specific academic needs Information Technology (IT) works cooperatively with the Educational Technologies (ET) unit of Academic Affairs' Libraries and Educational Technologies division. IT also seeks advice through a variety of standing and ad-hoc groups. Such committees and advisory groups are convened to address specific issues or the needs of a particular constituent group. They are generally composed of key users of information technology who advise on matters related to instructional, research and administrative applications of technology. They participate in major information technology policy decisions, provide input to long range plans and makes suggestions for service improvement.

    Division Heads, Deans, and Department Heads etc.
    Individual division heads, deans, department heads, faculty, staff and students provide input and share responsibility for effective information technology resource management. Their responsibilities include those directed by university policy or procedure and those that generally assure a secure and effective technology environment for themselves and others.

    7.2 Specific Responsibilities

    7.2.1 Acquisition:
    University departments must contact Information Technology (IT) and complete a Project Initiation Questionnaire prior to soliciting acquisition, development or enhancement of technology systems. See Policy 1202(Information Systems Implementation and Project Management).

    Information Technology (IT) will assist university departments in performing a business impact analysis that will examine the development or acquisition alternatives, selection process, implementation requirements and life cycle planning. Specific considerations such as installation and configuration of hardware, software and services, security practices, telecommunication requirements and operational responsibilities will be discussed. IT will also assist in identifying and evaluating compatibility issues, complying with Commonwealth standards and guidelines, and preparing for implementation. While actual processes depend on the scope and complexity of the project, general requirements for initiation, classification and management of computing projects are outlined in JMU Policy 1202: Systems Implementation and Project Management. In addition, specific procedures are outlined in JMU Computing Standards.

    Requests for information technology resources for externally funded projects or university-sponsored programs will be submitted through the appropriate department head, dean, and vice president. Information Technology (IT) will review these requests and the costs for necessary computer/communication services may be assigned in accordance with university accounting regulations.

    7.2.2 Security:
    Information Technology (IT) is responsible for establishing and maintaining the physical security of the central computing facilities (including shared file servers managed by IT), the university's communications network, and data for which IT is the custodian. These responsibilities are more fully detailed in the JMU Policy 1204 (Information Security).

    Division heads, deans, department heads, and their staffs are responsible for the availability, confidentiality, and integrity of data and software stored on individual workstations, servers or shared central computers to the extent they have access and/or operational control. This responsibility includes ensuring backup of key software systems and data on individual workstations or file servers. They may also include account management and/or data stewardship responsibilities that have been specifically assigned.

    7.2.3 Access Control:
    The university provides access to its non-public computing resources for the exclusive use of students, faculty, and staff for the purposes of advancing educational pursuits and certain administrative support functions.

    Information Technology (IT) is responsible for instituting and monitoring appropriate access control measures for shared central computer systems including centrally-managed administrative and academic computers, shared file servers and other systems for which it has system administration responsibilities.

    With the written approval of the appropriate vice president, dean, department head or director, access control responsibilities for private file server volumes may be delegated to individual workgroup managers.

    Access to central computing systems is granted by the issuance of individual user logon identification, password protection and usage restrictions as appropriate. In addition to these general access controls, compliance with procedures for granting access to particular software applications or data sets is also required. Data stewards may be assigned to approve access to certain databases and/or applications. These data stewards are responsible for assuring that requests for data/system use are in keeping with assigned responsibilities and university data access provisions. Information Technology (IT) is responsible for implementing data access as approved by the appropriate data steward(s).

    Individual users assume responsibility for the appropriate and ethical use of the systems and data to which they have access. See the university policies on Information Security (Policy 1204) and University Data Stewardship (Policy 1205) and Appropriate Use of Information Technology Resources (Policy 1207) for more detail.

    7.2.4 Systems Development and Maintenance:
    Information Technology (IT) provides systems analysis and programming services to support the university's administrative and academic functionality. These services include the design, programming, documentation, testing, and enhancement of computer systems for a variety of service functions (e.g. financial accounting, student records administration, payroll processing, etc.) as requested by university departments. Information Technology and the university department will review a cost/benefit analysis of the requested enhancement to assure appropriate utilization of university resources.

    7.2.5 Systems Administration and Operations:
    Information Technology (IT) is responsible for providing environmental control and systems support for central software application systems and computing/communications components to meet the various administrative and academic needs of the university. Specific tasks include capacity and production planning, operational control, security monitoring and system administration for a variety of standard and ad-hoc production environments.

    Information Technology is responsible for providing direction to members of the university community regarding safe and responsible use of technology resources and the responsibilities users have for protecting and efficiently using such resources at JMU. The responsibilities are more fully detailed in Policy 1207 - Appropriate Use of Information Technology Resources and Policy 1204 - Information Security.

    7.2.6 Telecommunications and Network Access:
    In cooperation with the university’s Telecommunications Department, Information Technology (IT) delivers voice, data and video services by designing, installing, and maintaining the campus network infrastructure, including both cabled and wireless components. IT also works with Telecom to provide access to information, systems, and services at other sites by providing inter-network connectivity, satellite transfer, and other forms of voice/data/video access.

  8. SANCTIONS

    Employees who do not adhere to this policy may be subject to discipline, up to and including termination of employment. Violators are subject to disciplinary and/or legal action as specified in the employee, faculty, and/or student handbooks, other university policy and procedures or federal or state law as applicable.

  9. EXCLUSIONS

    Exceptions may be approved by the Assistant Vice President for Information Technology to accommodate special needs or circumstances in support of the university's mission and that do not compromise the access or rights of other students, faculty and staff.

  10. INTERPRETATION

    The authority to interpret this policy rests with the president, and is generally delegated to the Assistant Vice President for Information Technology.

Previous Version: November, 2005
Approved by the President: April 2002

Index Terms

IT
PC
Personal computing
Resource Management
Networks
Systems
Security