Objective & Purpose
The objective of this policy is threefold:
- Ensure compatibility between decentralized business systems and business systems managed by the Office of Information Technologies (OIT).
- Promote acceptable network performance.
- Ensure data and network security and privacy.
Decentralized Business Systems
Background
This policy applies to the acquisition, development, and support of decentralized business computer systems. Business computer systems include any software package or database that supports a University business function or works in conjunction with other systems that support a business function. Most of the mission-critical business functions of the university use information systems that are maintained by OIT. Examples include the Registrar, accounts payable, payroll, etc.
There are cases when departments will determine that it is in their best interest to acquire and maintain a decentralized business computer system. This policy addresses these decentralized systems. Examples include Denitel, Financial Services Intranet, IRIMS, Campus Card System, etc.. This policy is intended to ensure accurate processing of University business transactions and to maintain appropriate management controls.
Systems that support instruction such as BlackBoard , Mathematica, Oracle, SPSS, are specifically excluded from this policy. Software packages that are acquired for individual faculty or staff use or that do not support a University business function are also excluded from this policy.
Policy Statements
- Proposed systems, whether purchased, developed by an outside contractor, or developed by university staff or students must be reviewed and approved in advance by the Associate Vice President of Information Technologies
- Any interface between the decentralized system and systems managed by OIT must be defined and documented by the application developer.
- Any system hardware must be fully compatible with the University's network environment.
- System hardware not housed in OIT must be protected from fire, temperature extremes, water intrusion, and malicious attack (including viruses).
- Decentralized hardware and software must be maintained at current levels supported by the vendor; compatibility with the university's network and operating systems environment must be maintained.
- Data files associated with the system must be backed up on a regularly scheduled basis with monthly rotation to an approved off-site storage facility.
- Detailed policy relevant to the support, by OIT, of computer applications developed and/or written outside of OIT may be found in the Decentralized Application and Support Policy.
- Conflicts will be and resolved by the Vice President of the affected division.
Prior to the implementation of any decentralized business-related computer system, and as early in the acquisition process as possible, the head of the department that is implementing the system must submit, in writing or electronic mail, the following information to the Associate Vice President for Information Technologies:
- Purpose and scope of the proposed system
- Proposed acquisition method (e.g. purchase, gift, contract, in-house development, other)
- Required interfaces to other University business systems
- Expected hardware and network capacity required to support proposed system (OIT staff will provide assistance in addressing this item).
- Names of primary and secondary personnel responsible for maintaining the system and related interfaces
- Statement of how system hardware and/or software not housed in OIT will be protected from fire, temperature extremes, water intrusion, and malicious attack (including viruses)
- Statement of plans and expected funding sources to keep system hardware and software at current levels
- Schedule of system data backup and rotation off-site storage facility
The Associate Vice President for Information Technologies will review the proposed system implementation, consult with the implementing department, and take appropriate action in advance of the creation of purchase orders or software development contracts. Purchase orders and software development contracts for approved systems must be routed through the Associate Vice President for Information Technologies for signature prior to submission to the Purchasing Department.
Connection to Campus Network
Background
OIT is responsible for the support and maintenance of the campus network. This responsibility includes protecting the network from malicious attack, monitoring network performance, and planning for adequate network capacity. The policy is intended to ensure that servers and other network devices attached to the campus network are compatible with the campus network.
Policy Statements
The following policies apply to decentralized networking equipment:
- Departments proposing to attach network servers or other network devices to the campus backbone must consult with the Director of Network and Communication Services and receive approval from the Associate Vice President for Information Technologies prior to specification and acquisition of the network server/device.
- Proposed systems must be fully compatible with the university's network environment.
- Hardware not housed centrally in OIT must be protected from fire, temperature extremes, water intrusion, and malicious attack (including viruses).
- Conflicts will be elevated and resolved by the Vice President of the affected division.
Procedures
Prior to specifying, acquiring, or connecting decentralized network servers or other network devices to the campus backbone, and as early in the acquisition process as possible, the department wishing to do so must submit, in writing or electronic mail, the following information to the Associate Vice President for Information Technologies:
- Purpose and use of proposed network server(s) or device(s).
- Expected network utilization of proposed server(s) or device(s) (OIT staff will provide assistance in addressing this item).
- Statement of how proposed server(s) or network device(s) not housed centrally in OIT will be protected from fire, temperature extremes, water intrusion, and malicious attack (including viruses).
- Names of primary and secondary personnel responsible for maintaining the proposed network server(s) or device(s).
- Statement of plans and expected funding sources to keep proposed server(s) or device(s) at current levels.
The Associate Vice President for Information Technologies will forward the request to the Director of Network and Communication Services who will review the proposal, consult with the implementing department, and make an appropriate recommendation to the Associate Vice President for Information Technologies. Purchase orders for approved server(s) or network device(s) must be routed to the Associate Vice President for Information Technologies for signature prior to submission to the Purchasing Department.
References
- External Application Development and Support Policy, University of North Florida, Computing Services
- Decentralized Business and Networking Systems Policies and Procedures, University of North Florida, Computing Services