| Policy or Topic | Description | Contact or Additional Information |
|---|---|---|
| Accessibility to Information Technology | Sets forth standards and guidelines that reflect best practices for achieving the accessibility of information technology by persons with disabilities. University policy IRM-008. | |
| Administrative Data Access | Rules for access to administrative data, including definitions explaining what it is and the rules for using it. Employees who access University administrative data must use it according to the rules or risk disciplinary consequences. | |
| Applications and Data Services Work Requests | Describes the general process for submitting an ITC/Applications and Data Services work request. University policy IRM-002. | |
| Audio/Video Streaming Services | Explains the rules for using ITC's Audio/Video Streaming Services—including copyright laws and any applicable licensing terms. |
|
| Calendar Data and Accounts | Defines the data retention and account deactivation criteria for Oracle Calendar and CorporateTime users. (Note: Oracle Calendar/CorporateTime was retired from service on Jan. 15, 2008.) |
|
| Computing Accounts | Explains who can get an ITC account, how to do so, and when it expires. |
|
| Copyright Infringement Response | Defines how the University responds to copyright complaints. |
|
| Copyright Protection | Defines what is protected by copyright on official University websites and how to go about reporting copyright violations. |
|
| Digital Copyright Protection | Defines policy regarding use of digital materials and copyright-protected software. |
|
| Electronic Data Removal | Explains rules and processes for removing data from electronic storage media being surplused, transferred or returned. University policy IRM-004. |
|
| Electronic Data Retention | Defines retention policies for electronic media (e.g., computer files). |
|
| Electronic Storage of Highly Sensitive Date | Strictly limits the circumstances under which highly sensitive data may be stored on individual-use devices and media. It further mandates that strict security requirements be met when highly sensitive data must unavoidably be stored on individual-use electronic devices or electronic media. |
|
| Employee Electronic Communication/File Monitoring and/or Review | Defines policy on institutional monitoring as well as employee electronic files or communications content review. |
|
| Information Access | It is UVa's policy that the same standards and principles of intellectual and academic freedom used in university classrooms, libraries, and other aspects of university life be applied to access for the University community to resources available through computer networks. |
|
| Information Release | Defines the procedure to release information about users' activities on our systems (e.g., legal requests for otherwise private information). | |
| IT Infrastructure, Architecture and Ongoing Operations | Establishes the nationally recognized codes of practice with which the University aligns its IT infrastructure, architecture and ongoing operations. University policy IRM-009. | |
| IT Project Management | Establishes the common and consistent application of project management best practices in the management of IT projects and the delivery of IT solutions within budget, on schedule, within scope and in such a way as to best contribute to accomplishing the University's strategic mission. University policy IRM-010. | |
| IT Security Incident Reporting | Establishes the requirement to report information technology security incidents to appropriate University officials so proper and timely response procedures can be initiated. University policy IRM-012. | |
| IT Security Program | States the codes of practice with which the University aligns its information technology security program to safeguard the institution's computing assets in the face of growing security threats. This significant challenge requires a strong, persistent and coordinated program that leverages widely accepted, effective security practices appropriate for the higher education environment. University policy IRM-011. |
|
| IT Security Risk Management | Explains the IT Security Risk Management Program, which itself explains existing risks and strategies for reducing or eliminating those risks. University policy IRM-003. |
|
| Mass Emailings | Explains rules and guidelines for sending mass emailings to University audiences. University policy IRM-006. |
|
| Network Access for Third Parties | Explains the conditions under which third parties (e.g., vendors, consultants) are allowed direct access to the University network. |
|
| Network Service Interruption Notifications | Defines ITC's role in announcing activities that have known potential to interrupt access to networks or systems. |
|
| Responsible Computing Handbooks | Use of UVa IT resources is governed not only by the University's own Standards of Conduct, Honor System, and Human Resources policies, but by local, state, and federal laws relating to copyrights, security, and other statutes regarding electronic media. Separate handbooks for students and faculty/staff explain these user responsibilities. | |
| Responsible Use: Ethics in Computer Usage | Explains rules for maintaining privacy, confidentiality, and integrity of the computing environment while using resources appropriately. | |
| Responsible Use: Obscene Material | Defines the University's legal interpretation of obscene materials. | |
| Responsible Use: Sexually Explicit Material | Defines state ban (and exemptions) on employee access to sexually explicit material via state equipment. | |
| Responsible Use: State Use of Internet and Electronic Communication Systems Policy | Commonwealth of Virginia's responsible use policy for state employees. | |
| Security of Networked Devices | Explains all users' responsibilities for maintaining the security of their devices on the University network. |
|
| Shared Computing Resources | Explains rules for using shared computing resources such as public labs. |
|
| Software Site Licenses (ITC) | Explains how to request funding from ITC for application-software site licenses or volume purchases. |
|
| Spam | Explains what can—and can't—be done about "spam" received at the University. | |
| SSN Initiative | Comprehensive initiative to phase out the use of Social Security numbers (SSNs) systematically wherever possible. |
|
| Storage Space | Explains ITC's central disk-based storage space. |
|
| Website Advertising | The University's Web pages must not be used for commercial purposes. University policy IRM-001. |
|
| Website Privacy | Defines what the University does with user information collected via its websites. |
|
| Wireless Frequencies Use | Explains policy on wireless bandwidth usage for the 2.4 and 5.1 GHz radio frequencies. |
|