Review and Adoption Process

Policies and Standards Review and Adoption Process [Previous]  [Next]  [Policy Home]

After creating the early drafts of the policies and standards, the review process was started. The groups below were formally involved in review, comment and suggestions for the policies and standards. Numerous other individuals within the university were involved informally in the review and comment process. The Information Security Office is sincerely appreciative of the dedication and work that all involved contributed to this project.

• Strategic Technology Executive Committee (Fall 2005)
  Received initial executive support for the policy and standards revision process.
• Audit Services (Winter 2005-2006)
• InfoSec Awareness Team (Spring 2006)
• InfoSec Policy Review Group (Spring 2006)
• Academic Technology Committee (ATC) Policy Review Subcommittee (Summer 2006)
  This group included specific representation from the faculty and staff senates as well as Student Government.
• Information and Data Security Task Force (Fall 2006)
• General Counsel (Fall 2006)
• Council of Research Deans (January 9, 2007)
• Council of Academic Officers (March 21, 2007)
• Research Compliance Committee (April 2, 2007)
• Health Sciences Campus (HSC) Compliance Oversight Committee (April 19, 2007)
• Tier 1 Personnel (all, via e-mail, May 9, 2007)
• Business Advisory Group (May 18, 2007)
• Strategic Technology Executive Committee (June 1, 2007)
  The executive committee that initially approved the revision effort approves the drafts and recommends sending them forward to the Compliance Oversight Council.
• Compliance Oversight Council (COC) (July 23, 2007)
  The university's executive level compliance oversight council approves the Information Security Policy and Standard documents for adoption and implementation. See the Statement of the Executive Vice President and University Provost the "From the Provost" web site.

[Next]