Current IT Policy Initiatives
An IT policy initiative is always in response to one more "compelling needs." An initiative might result in development or adoption of any combination of policies, guidelines, procedures, standards and/or principles. In some cases an actual "policy" might not be part of the outcome.
Visit Current Initiatives for development details or Contact Us to get involved with any of the initiatives below.
Collection of Personal Identity Information via Email (COPE) helps protect faculty, staff and students from phishing scams that resemble email from University units. The policy allows the University to clearly state that UW-Madison will not request restricted information via email.
Use of Institutionally Managed Access Control Services (IAccess) requires UW-Madison providers of electronic services secured by access controls to use the institutionally managed access control services when those services are suitable for the application.
Media and Device Disposal and Reuse Policy (IDispose) seeks to protect sensitive information by requiring that the data be removed or rendered unusable before disposal or reuse for another purpose.
Storage and Encryption of Sensitive Information (IEncrypt) requires that sensitive information on workstations, laptops and other portable devices and media be the minimum amount necessary to support operational needs, and that sensitive information that is present on such devices be encrypted or protected by compensating controls.
Information Incident Reporting Policy (IReport) requires employees, contractors and users of UW-Madison information resources to report possible unauthorized access to sensitive information. This allows the institution to investigate and respond appropriately.
Information Resource Management (IRM) policy could address such things as definitions, roles and responsibilities, privacy, high-level information security policy and information resource governance.