Å·ÃÀ¿Ú±¬ÊÓƵ this Policy
Management, Access and Use of IT Resources
Policy Number: 12001
Effective Date:
Last Updated:
Responsible Office:
Division of IT
Responsible Administrator:
Vice President for Information Technology
Policy Contact:
Vice President for Information Technology
Å·ÃÀ¿Ú±¬ÊÓƵ Hall
Columbia MO, 65211
umdoitvp@umsystem.edu
Categories:
- General Administration
Menu:
- Scope
- Reason for Policy
- Policy Statement
- Definitions
- Accountabilities
- Forms
- Related Information
- History
- Procedure
Scope
This policy applies to all Å·ÃÀ¿Ú±¬ÊÓƵ employees and non-Å·ÃÀ¿Ú±¬ÊÓƵ entities when such entities are provided access to Å·ÃÀ¿Ú±¬ÊÓƵ information technology (IT) and/or telecommunications resources.
Reason for Policy
The Å·ÃÀ¿Ú±¬ÊÓƵ’s information technology (IT) and telecommunications networks, facilities and services (hereafter referred to as resources) must be appropriately implemented, managed, accessed and safeguarded in order to support the mission of the Å·ÃÀ¿Ú±¬ÊÓƵ.
This policy assigns responsibility for the management of the Å·ÃÀ¿Ú±¬ÊÓƵ’s information technology (IT) and telecommunications resources and establishes requirements for access to, and required use of, such resources.
Policy Statement
Management of IT Resources
The Vice President for Information Technology (VP for IT) has overall responsibility for the implementation and administration (management) of Å·ÃÀ¿Ú±¬ÊÓƵ IT and telecommunications resources. The VP for IT will work cooperatively with campus Chief Information Officers (CIOs) and other key administrators from each business unit to establish common goals, identify joint and mutually beneficial initiatives and technology solutions and to avoid and reduce duplication of services.
The CIOs are responsible for implementing and administering the IT and telecom resources for their respective campus/business unit, for providing system-wide services when appropriate and for enforcing the access and use requirements of this policy.
Access to IT Resources
The Å·ÃÀ¿Ú±¬ÊÓƵ’s IT and telecom resources are available to the Board of Curators, students, faculty, administrators, staff and other non-Å·ÃÀ¿Ú±¬ÊÓƵ entities referred to in this policy as "users." Timely and predictable access to these resources must be provided for the effective discharge of academic, research, and business activities consistent with the Å·ÃÀ¿Ú±¬ÊÓƵ’s mission. Access to these resources will be granted according to procedures established by the UM system or the applicable Å·ÃÀ¿Ú±¬ÊÓƵ business unit.
The Å·ÃÀ¿Ú±¬ÊÓƵ has the right to inspect computer networks, equipment and connected resources (systems), and information contained within or transmitted via these resources in certain circumstances as documented in the Å·ÃÀ¿Ú±¬ÊÓƵ’s Acceptable Use Policy (CRR 110.005). Access to electronic information by someone other than the assigned account holder must be sent to the Information Security Officer (ISO) at each business unit and handled according to the guidelines in the Access to IT Accounts & Electronic Information procedures as part of the Å·ÃÀ¿Ú±¬ÊÓƵ’s .
Required Use of IT Resources
Å·ÃÀ¿Ú±¬ÊÓƵ departments and employees are required to use IT and telecom resources provided, endorsed or approved by the central IT division at the applicable business unit when conducting Å·ÃÀ¿Ú±¬ÊÓƵ business. Exceptions to this requirement must be approved by the CIO of the applicable business unit.
Use of IT Resources by Non-Å·ÃÀ¿Ú±¬ÊÓƵ Entities
- Non-Å·ÃÀ¿Ú±¬ÊÓƵ entities may be permitted use of IT and telecom resources provided such use is consistent with the goals and mission of the Å·ÃÀ¿Ú±¬ÊÓƵ, and:
- The services to be provided are uniquely available from the Å·ÃÀ¿Ú±¬ÊÓƵ, or;
-
The relationship between the Å·ÃÀ¿Ú±¬ÊÓƵ and the non-Å·ÃÀ¿Ú±¬ÊÓƵ entity is such that mutual concerns over access, security and cost-effectiveness are best addressed by sharing these facilities and services (i.e., co-located in the same Å·ÃÀ¿Ú±¬ÊÓƵ-controlled space, formal partnership agreement in place, etc.).
- All requests for access to IT and/or telecom resources by a non-Å·ÃÀ¿Ú±¬ÊÓƵ entity must be sponsored by the Å·ÃÀ¿Ú±¬ÊÓƵ.
- Any use authorized under this section must be documented in a written and signed agreement that specifies the rights and responsibilities of the Å·ÃÀ¿Ú±¬ÊÓƵ and the non-Å·ÃÀ¿Ú±¬ÊÓƵ entity.  The agreement must be approved by the business unit’s CIO and the VP for IT and must be executed by the appropriate delegated authority.
-
The non-Å·ÃÀ¿Ú±¬ÊÓƵ entity may be charged for such services.
Sanctions
Failure to abide by this policy may result in denial of access to Å·ÃÀ¿Ú±¬ÊÓƵ IT and telecom resources and may also result in disciplinary action up to and including termination.
Definitions
Centrally Provided - Centrally provide IT services include those provided across the UM Å·ÃÀ¿Ú±¬ÊÓƵ for all business units as well as those provided by the central IT division/department at each business unit.
Employees - includes Å·ÃÀ¿Ú±¬ÊÓƵ faculty, staff and student employees, and volunteers conducting work for, or on behalf of, the Å·ÃÀ¿Ú±¬ÊÓƵ.
IT and Telecommunications facilities and services - for the purpose of this policy, IT and telecom facilities and services are resources provided, authorized or endorsed by the central IT department. Examples of these resources include, but are not limited to, enterprise applications such as email and PeopleSoft, high performance computing systems, content management systems, learning management systems, data and video networks, telephone services, voice over IP services and voicemail.
Å·ÃÀ¿Ú±¬ÊÓƵ-wide services - IT and telecom resources provide by the Å·ÃÀ¿Ú±¬ÊÓƵ of Missouri Å·ÃÀ¿Ú±¬ÊÓƵ or provided by an individual campus or other business unit for use by all business units.
Accountabilities
Vice President for Information Technology:
- Work with CIOs in a manner that leads to the implementation, adoption or endorsement of centrally provided IT and telecommunications services as appropriate
- Publishing a list of services and how to obtain such services in an appropriate location
Campus/business unit CIOs:
- Promote and enforce use of centrally provided IT and telecom services when appropriate
- Publish a list of services and how to obtain such services
- Establish and publish procedures for request/sponsorship of non-Å·ÃÀ¿Ú±¬ÊÓƵ entity accounts and provisioning of IT and telecom resources as requested
Å·ÃÀ¿Ú±¬ÊÓƵ administrators and managers:
- Enforce the required use of official Å·ÃÀ¿Ú±¬ÊÓƵ IT and Telecom resources by their employees when conducting Å·ÃÀ¿Ú±¬ÊÓƵ business
- Sponsor accounts and provisioning of IT resources for non-Å·ÃÀ¿Ú±¬ÊÓƵ entities when appropriate
Å·ÃÀ¿Ú±¬ÊÓƵ employees:
-
Use centrally provided or endorsed/approved resources when conducting Å·ÃÀ¿Ú±¬ÊÓƵ business
Additional Details
Forms
Access to Electronic Resources: /media/fa/is/infosec/access-request-form.pdf
Related Information
Users of Å·ÃÀ¿Ú±¬ÊÓƵ IT and Telecom resources must adhere to all applicable Å·ÃÀ¿Ú±¬ÊÓƵ policies and procedures. This includes, but is not limited to:
- CRR 110.005 – Acceptable Use Policy
- Policy 26101 on Procurement Authority
- Policy 26402 on Special Purchases
- Policy 23001 on Records General Policy
- Policy 12003 on Information Security
- Policy 12004 on Information Technology and Telecommunications Purchases
- Policy 12005 on Telephones and Communication Devices
History
This policy combines the following former policies:
- Business Policy Manual 1201 – Management, Access and Use of IT Resources (revised 10/17/2012)
- Business Policy Manual 403 – Non-Å·ÃÀ¿Ú±¬ÊÓƵ Use of Computing Facilities
Procedure
The following websites provide links to the centrally provided resources and account management processes available at each campus/business unit:
Missouri Å·ÃÀ¿Ú±¬ÊÓƵ of Science &Technology,
Å·ÃÀ¿Ú±¬ÊÓƵ of Missouri, Columbia, (MU and UM Å·ÃÀ¿Ú±¬ÊÓƵ)
Å·ÃÀ¿Ú±¬ÊÓƵ of Missouri, Kansas City,
Å·ÃÀ¿Ú±¬ÊÓƵ of Missouri, St. Louis,
Reviewed 2023-02-27