Presentation is loading. Please wait.

Presentation is loading. Please wait.

Eight Schools Information Security Policies: The Process at Hotchkiss.

Similar presentations


Presentation on theme: "Eight Schools Information Security Policies: The Process at Hotchkiss."— Presentation transcript:

1 Eight Schools Information Security Policies: The Process at Hotchkiss

2 Information Security…

3 …not an entirely new idea.

4 Hotchkiss Strategic Technology Plan Developed May 2007 through February 2008 by a twenty-member broad-based committee Comprehensive plan covers academic and administrative technologies

5 Hotchkiss Strategic Technology Plan Resulted in action-oriented goals and detailed action plans After adoption, a workgroup was assigned to begin work on administrative objectives

6 Progression of Work Strategic Technology Plan Administrative Technology Educational/Instructional Technologies Administrative Technology Workgroup Information Security Policy Project

7 Administrative Technology Workgroup Surveyed all departments Identified systems that process data Created comprehensive systems list Diagrammed system and data overviews Once background work was completed, workgroup evolved into Data Committee

8

9

10

11 Application List

12 Responsibilities for Information Security Project There is no dedicated information security officer Information Technology Governance Council School leaders and IT Director General IT governance and strategic oversight Information Security Steering Committee CFO, Dean of Faculty, HR Director, IT Operations Manager, IT Director Provides oversight for this process

13 Responsibilities Data Committee Moving forward with recommendations from Administrative Technology Workgroup Oversee identification and classification of data Key role in rollout of information security policies HR Director and Dean of Faculty Communicate and enforce policies with Staff and Faculty IT Department Implementation of technology solutions

14 Process Kick-off call with Information Security Steering Committee FishNet overview Review charter Discuss site visit and responsibilities Charter review Steering committee Key members of ITS and other departments

15 Process Gathered and shared existing policies and documentation FishNet site visit Information gathering and discussion of the process Met with several groups of stakeholders Alumni and Development Information Technology Health Services Business Office Data Committee Admissions Human Resources Communications Security Deans

16 Process FishNet creates draft policies, solicits feedback per schedule IT Director shares preliminary policies among groups as appropriate and seeks feedback Feedback communicated via Eight Schools SharePoint Site and weekly status calls

17 Implementation IT will address technical aspects, but this is more than an IT initiative CFO will address Business Office requirements Human Resources will address components, and communicate policies to Staff Dean of Faculty will address components and communicate policies to Faculty

18 Some Challenges Enlisting Involvement outside of IT – “It’s an IT issue.” Consistency of Eight School policies with existing Hotchkiss policies (Red Flag, AUP, etc.) Differing timelines and priorities among Eight Schools Information overload and implementation concerns Large number of drafts to review (charter, policies) Sixteen policies to implement; some may already exist, many do not

19 Summary Technology Planning process was critical for Hotchkiss Responsibilities are distributed Implementation may be intimidating, but will be achieved methodically Consortium work added tremendous value to policy development process


Download ppt "Eight Schools Information Security Policies: The Process at Hotchkiss."

Similar presentations


Ads by Google