Information Technology Infrastructure, Architecture and Ongoing Operations
- Responsible Oversight Executive:ÌýVice President for Administration and Finance
- Date of Current Revision or Creation:ÌýFebruary 2, 2023
- Download Policy PDF
It is critically important that Â鶹´«Ã½'s information technology (IT) infrastructure, architecture, and ongoing operations support the mission of the institution. To help ensure this need is met, decisions affecting these areas must reflect standards, guidelines, and practices found to be effective in the higher education environment. This policy establishes that the University aligns its IT infrastructure, architecture, and ongoing operations with nationally recognized codes of practice.
The Commonwealth of Virginia Restructured Higher Education Financial and Administrative Operations Act of 2005 grants institutions additional authority over financial and administrative operations, on condition that certain commitments to the Commonwealth are met. Chapters 124 and 125 of the 2019 Virginia Acts of the Assembly and Â鶹´«Ã½'s Memorandum of Understanding with the Commonwealth provide full delegated responsibility for management of the institution's information technology infrastructure, architecture, and ongoing operations. This delegation includes the authority to conduct these activities in accordance with industry best practices appropriately tailored for the specific circumstances of the University, in lieu of following Commonwealth-determined specifications.
, grants authority to the Board of Visitors to make rules and policies concerning the institution. Section 7.01(a)(6) of theÌýÌýgrants authority to the President to implement the policies and procedures of the Board relating to University operations.
Restructured Higher Education Financial and Administrative Operations Act,Ìý
Ìý
Ìýis a nonprofit association whose mission is to advance higher education by promoting the intelligent use of information technology.
Information Security Officer (ISO)Ìý- The Â鶹´«Ã½ employee, appointed by the President or designee, who is responsible for developing and managing Â鶹´«Ã½'s information technology (IT) security program.
Ìýdevelops and deploys advanced network applications and technologies for research and higher education, accelerating the creation of tomorrow's Internet.
ISO/IEC 27001/27002 is an information security standard published by theÌýÌýand by the International Electrotechnical Commission (IEC).
This policy applies to all users, decision makers, developers and planners of University systems and operations related to the design, acquisition, maintenance, and use of information technology.
The University will establish specific standards, guidelines, and procedures that influence decisions affecting key components of its IT infrastructure, architecture, and operations. These standards and guidelines will align with industry best practices as described by EDUCAUSE, Internet2, and others within higher education, as well as those from selected technology industries. It is not the intent of this guidance to in any way inhibit research or other institutional endeavors that by their nature may require the use of cutting-edge technology not yet appropriate for normal use. The guidance is descriptive rather than prescriptive to achieve flexibility where needed.
This policy applies to all University information technology, whether owned or operated by the University or used for University business through contractual arrangements. The ultimate goal of this policy is to create logical relationships between information technology resources and the mission of the University and its units.
The ultimate goal of this policy is to create logical relationships between information technology resources and the mission of the University and its units.
An overview of the framework for infrastructure, architecture, and ongoing operations, along with the standards and guidelines, shall be posted at theÌýÌýwebsite. For security purposes, some procedures related to infrastructure, architecture and ongoing operations are maintained internally and are available upon request to relevant parties as authorized by the Chief Information Security Officer.
Applicable records must be retained and then destroyed in accordance with theÌý.
Chief Information Officer
Information Technology Standard 06.8.0 IT Infrastructure, Architecture & Ongoing Operations Standard
The EDUCAUSE Center for Analysis and Research (ECAR) Cyberinfrastructure Working Group helps educational institutions develop institutional strategies and plan their resource deployment in this emerging and evolving technological landscape and helps their users harness and optimize the power and capabilities of new integrated IT tools and systems for educational and research applications in higher education.
TheÌýÌýis a non-profit association of colleges and universities; professional and commercial organizations; data, software, and service providers; and state and federal government agencies.
The Mid-Atlantic Research Infrastructure Alliance (MARIA) Inc. is dedicated to facilitating access to advanced information, instruction, and research infrastructure technology and advancing research and education in the United States.
ISO/IEC 27001/27002 is an information security standard published by theÌýÌýand by the International Electrotechnical Commission (IEC).
Policy History
Policy Formulation Committee (PFC) & Responsible Officer Approval to Proceed:
/s/ÌýRusty Waterfield
Responsible Officer
January 4, 2023
Date
Policy Review Committee (PRC) Approval to Proceed:
/s/ÌýDonna W. Meeks
Chair, Policy Review Committee (PRC)
August 18, 2022
Date
Executive Policy Review Committee (EPRC) Approval to Proceed:
/s/ÌýChad A. Reed
Responsible Oversight Executive
January 27, 2023
Date
University Counsel Approval to Proceed:
/s/ÌýAllen T. Wilson
University Counsel
January 31, 2023
Date
Presidential Approval:
/s/ÌýBrian O. Hemphill, Ph.D.
President
February 2, 2023
Date
Previous Revisions: October 1, 2007; April 9, 2010; April 26, 2011; March 15, 2017; February 2, 2023
Scheduled Review Date: February 2, 2028