Senate Advisory Committee on Information Technology (SACIT) Activities 2021-2022

SACIT, chaired by Phoebe B. McNeally, focuses on communication between academic users and IT administrators at the University of Utah. The committee's major proposal, Proposed Rule 5-050B, aims to enhance software security and accessibility. Key components include mandatory reviews for all software acquisitions, especially those involving sensitive data. The committee approved the proposal with strong support.

• SACIT
• University of Utah
• Information Technology
• Software Security
• Committee Activities

djla Follow

Uploaded on Oct 09, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

Presentation Transcript

1. Senate Advisory Committee on Information Technology (SACIT) PHOEBE B. MCNEALLY, SACIT CHAIR MARCH 14, 2022

2. SACIT Charge The primary role of the Committee is to ensure ongoing robust communication among representatives of the University s academic users of information technology (especially faculty and students), and administrators responsible for planning for, acquiring and deploying information technology resources. (University Policy 6.002 III D.1.I; https://regulations.utah.edu/academics/6-002.php)

3. IT Governance Structure https://it.utah.edu/cio/it-governance-committees/index.php

4. 2021-2022 SACIT Activities Major proposal discussed: Proposed Rule 5-050B, University Software Acquisition Approval Meetings: October 1, 2021 with Steve Hess (CIO), Ken Pink (Deputy CIO), Corey Roach December 3, 2021 with Steve Hess (CIO), Corey Roach (CISO) David Packham (UIT), Jon Thomas (UIT) January 7, 2022 - with Steve Hess (CIO), Ken Pink (Deputy CIO), Corey Roach (CISO) February 4, 2022 with Steve Hess (CIO), Ken Pink (Deputy CIO), Corey Roach (CISO) David Packham (UIT) March 4, 2022 and April 1, 2022 (scheduled)

5. Proposed Rule 5-050b Background: Required by the 2018 State IT Security Audit report (received in 2019) Addresses the ever increasing software cyber security concerns Purpose: to provide the University the opportunity to review the security and accessibility of all software purchased, leased or developed by the University to ensure it meets current Information Security and Accessibility standards as determined by University Information Technology (UIT).

6. Proposed Rule 5-050b Continued Key components: Applies to all units of the University of Utah for all software acquisitions Requires the completion of Educause HECVAT, mandatory questions document and UIT security review and approval prior to acquisition Required for all software that accesses, manipulates, creates or stores restricted data as outlined in University Policy 4-004c Recommended for all software that accesses, manipulates, creates or stores sensitive data as outlined in University Policy 4-004c Does not apply to software residing in a University approved Protected Environment or an environment not attached to the public internet or outside the unit Committee approved: 11 yes, 0 no, 1 abstain, 1 absent