Policy on Information and Communication Technology (ICT) Decisions
- Purpose
- Policy Statement
- Compliance and Oversight
- Policy Development History
- Related Standards, Guidelines and Procedures
PURPOSE
This policy is intended to assist campus units in making information and communication decisions, to reduce both direct and indirect expenses, to better assess aggregate campus demand for technologies, to ensure access to and effective integration of technology on campus, to reduce risk, and to minimize the potential impact of adverse or unintended consequences to the University or its affiliated units and auxiliaries.
POLICY STATEMENT
Acquisition, acceptance or development of Information and Communication Technology (ICT) products or services that materially affect Cal Poly's users, assets, operations, or business continuity, or its ability to comply with existing policies, laws and related regulatory, legal or administrative practices, must conform to established campus standards, guidelines, and practices for making technology decisions.
The standards and practices created to implement this policy shall establish the criteria for reviewing and making decisions, provide guidelines for required or recommended reviews and their conduct, and define the roles and responsibilities of those involved in the review process. The criteria shall consider potential impact and risk to the university; accessibility, security, policy and regulatory compliancy issues; operational and support issues; and integration with established University priorities, infrastructure, services, systems and standards.
This policy shall apply to all technology decisions that meet the campus criteria for review, regardless of who initiates the request or the funding source. Any ICT product or service may be subject to review based on substantive changes (e.g., technical, functional, operational) or its potential impact on users and/or the University.
COMPLIANCE AND OVERSIGHT
The Vice President for Information Technology Services/Chief Information Officer (VP/CIO) is responsible for application and enforcement of this policy.
The VP/CIO or designee, in consultation with university procurement or other affected parties, is responsible for developing standards, guidelines and practices for implementing the policy.
The official version of this policy will be maintained in the Information Services section of the Campus Administrative Policies (CAP). Recommended changes shall be reviewed by the campus and approved by the President through the CAP process.
POLICY DEVELOPMENT HISTORY
| Effective Date | Actions Taken |
|---|---|
| December 2018 | Revised owner of Compliance and Oversight from Provost Office to VP ITS/CIO. Revised to reflect evolution of change from “Equipment and Information Technology (E&IT)” to “Information and Communication Technology (ICT)”. |
| July 2015 | Revised to encompass all technology decisions, not just software, based on policies and practices established since initial release. Submitted for CAP review and approval. Related standards and practices are currently being revised. |
| March 22, 2007 | Posted online. Linked from IT policies, procurement, and other websites. Accompanied by related standards, guidelines, and practices. |
| March 2007 | Approved by President Warren J. Baker |
| January 16, 2007 | Reviewed and endorsed by Information Resources Management Policy and Planning Committee |
| 2003-04 to 2006-07 | Reviewed by campus computing advisory groups representing student, faculty and administrative users |
