Skip to main content

Accessibility menu

Skip to main content Skip to footer

Recently Approved Policies and Procedure

Posted 4:20 p.m. Friday, Feb. 18, 2022

UWSA Logo

On February 17, 2022, President Thompson approved the several new policies.

On February 17, 2022, President Thompson approved the following new policies: 

·         SYS 920, Standards Manual for UW Managed Capital Projects (effective July 1, 2022)

·         SYS 1036, Information Security: Endpoint Protection (effective February 17, 2023)

Additionally, on February 17, 2022, Vice President Langdon approved the following new procedure: 

·         SYS 1036.A, Information Security: Endpoint Protection Standard (effective February 17, 2023)

For more information, please view the policies and procedure at the links provided, and see the summaries below. 



APPROVED POLICY

SYS 920, Standards Manual for UW Managed Capital Projects 

This policy has an effective date of July 1, 2022. 

·         The policy establishes the requirement that the Capital Planning & Budget (CPB) department create, manage, and regularly update a standards manual for guiding the project delivery of UW Solely Managed (UW-managed, also known as Gift & Grant)capital projects for the University of Wisconsin System. The policy notes salient aspects of UW-managed projects that the manual will include and establishes the rationale for having the manual. The policy also establishes the expectation for applicable employees and third parties to adhere to the provisions of the manual.

·         There were no comments submitted during the distribution feedback period.

·         After distribution, the policy effective date was updated to July 1, 2022, to align with the publication of the Standards Manual to which the policy refers.

·         CPB will publish the Standards Manual and work with institutions on necessary implementation steps prior to July 1, 2022.



APPROVED POLICY

SYS 1036, Information Security: Endpoint Protection

This policy has an effective date of February 17, 2023.

·         The purpose of this policy is to provide structure for the deployment and management of endpoint protection systems and controls used to mitigate Information Security threats throughout the University of Wisconsin. This policy only applies to UW System owned or leased endpoints.

·         Where technically feasible, institutions are expected to deploy malware protection software, maintain supported operating systems, adhere to principles of least privilege, and employ controls to prevent unauthorized physical and logical access to endpoints.

In response to institutional feedback, the following changes were added in addition to those outlined above:

·         The policy team received significant feedback on both the policy and procedure throughout the development process. All feedback was taken into consideration during final revisions and significant changes were made to both the policy and procedure documents. This resulted in the removal of entire policy segments, which changed the formatting and numbering of policy and procedure statements.

·         If institutions have any questions regarding how their specific feedback was considered, please send an email to informationsecurity@uwsa.edu with your name, the institution you represent, and a copy of the submitted feedback you would like to discuss.


APPROVED PROCEDURE

SYS 1036, Information Security: Endpoint Protection Standard

This procedure has an effective date of February 17, 2023. 

·         The purpose of this procedure is to provide a formal structure for the deployment and management of endpoint protection systems and controls used to mitigate Information Security (IS) threats throughout the University of Wisconsin (UW) System.  


Permalink