CSU Policy: Information Technology Governance (ITEC Charter)

Policy Title: Information Technology Governance (ITEC Charter) Category: Information Technology
Owner: Vice President for Information Technology Policy ID#: 4-1018-008
Contact:
Academic Computing and Networking Services
Web: http://www.acns.colostate.edu
Phone: 970-491-5133
Original Effective Date: 6/12/2005
Last Major Revision: 6/2/2016
Print Version: Click Here to Print

TABLE OF CONTENTS

PURPOSE OF THIS POLICY

POLICY STATEMENT

POLICY PROVISIONS

The Information Technology Executive Committee (ITEC)

Membership of the ITEC

Scope of Activities

The ITEC Advisory Council (IAC)

Membership of the IAC

Other IT Committees

Appendix A

Appendix B

List of Acronyms

Appendix C

Appendix D

Appendix E

APPROVALS

PURPOSE OF THIS POLICY

The purpose of this policy is to describe a structure for IT governance at CSU, to ensure efficient and effective delivery of IT services.

POLICY STATEMENT

In the 1980’s and early 1990’s, Information Technology (IT) environments experienced decentralization; the little interaction between the decentralized and centralized environments required at that time was accomplished in an ad hoc fashion. However, in the 1990’s, as technologies became more interdependent, additional coordination and oversight were required. This was accomplished at Colorado State University (CSU) by both a charge to Academic Computing and Networking Services (ACNS) to coordinate the IT environment, and constitution of the Information Technology Executive Committee (ITEC) that is responsible for the IT oversight and policy at the University. Today, technology is even more interdependent, indeed in some cases overlapping, and greater integration is desirable. This greater degree of integration shall be accomplished via a formal IT governance structure. This document describes such a structure for IT governance at CSU, important to ensure efficient and effective delivery of IT services.

The Provost is responsible for the IT environment at Colorado State University. The Provost chairs the Information Technology Executive Committee (ITEC) that is responsible for IT policy and oversight of the IT environment. The ITEC Advisory Council (IAC) is chaired by the Vice President for Information Technology (VPIT). The IAC supports the ITEC by preparing strategic and policy IT matters for its consideration, and bringing to it other matters that are of an operational nature as described below. The IAC is supported by various committees, also described below, that are constituted and sustained as needed.

Students are also responsible for governing elements of the IT environment, through the Charges for Technology (CFT) and the University Technology Fee Advisory Board (UTFAB) activities. These governance activities are described elsewhere and are not repeated herein.

Additional detail on the functions of the ITEC and the IAC are given below.

POLICY PROVISIONS

The Information Technology Executive Committee (ITEC)

The Provost utilizes the Information Technology Executive Committee (ITEC), staffed by university officers, to establish and maintain policy for and oversight of the IT environment at the University.

Membership of the ITEC

The ITEC is chaired by the Provost. Voting members of the ITEC consist of the President’s Cabinet, including the Provost, and the chair of the College IT Administrators Council (CITAC) who shall be invited to cabinet meetings for ITEC–related agenda items.

A quorum shall consist of ten voting members that shall be necessary for action. Items are to be decided by majority vote of the quorum. In the case of a tie, the vote shall be determined by the vote of the chair. In the case of a tie where the chair does not vote or abstains, the motion shall fail.

Additional attendees may be invited to specific ITEC meetings, so as to facilitate the conduct of ITEC’s business.

Scope of Activities

The ITEC’s scope of authority include:

  • Information Technologies, such as:
    • Computing (servers, desktop computers, applications, etc.); and
    • Communications (voice, video, and data);
  • Instructional Technology;
  • Information Services;
  • Information storage, back-up, archival and preservation; and
  • Information Technology infrastructure.

The ITEC is responsible for information technology policy at the University. The ITEC is also concerned with technology change as it affects instructional methods, research, outreach, and administrative processes.

The ITEC receives input directly from the ITEC Advisory Council (IAC). The ITEC also seeks input and counsel from various other sources such as the Council of Deans, Faculty Council and its committees, various other CSU committees (Associate and Assistant Deans, Campus Administrative Advisory Group, etc.), technology managers, and interested and qualified individuals. Normally, the ITEC approves information technology policy for the University. Where policy requires approval by the President and/or the Board of Governors of the CSU System, the ITEC will consider the policy, and forward a recommendation to the President for elevation to the Board.

Finally, the ITEC develops and maintains an information and instructional technology vision for CSU which is integrated with the university strategic planning and budgeting process.

The ITEC Advisory Council (IAC)

The ITEC is advised by the ITEC Advisory Council (IAC) that functions at the ITEC’s direction. The IAC considers matters of policy, operations and management of the IT environment at the University. Matters of policy are reviewed and referred to the ITEC for its consideration and possible action.

Membership of the IAC

The IAC is comprised of the following representatives, who are appointed by the institutional officials cited below and approved by the Provost:

  • Vice President for Information Technology (chair);
  • Director of Academic Computing & Networking Services;
  • Director of Information Systems;
  • Director of Institutional Research;
  • A representative from the CSU Libraries staff appointed by the Dean of Libraries;
  • One member from each the Academic Colleges, nominated by the Dean of each college and appointed by the Provost;
  • One member appointed by the Provost’s Office to represent CASA;
  • Two members appointed by the Vice President for University Operations (typically HR and Finance)
  • One member appointed by the Vice President for Enrollment and Access (typically from the Registrar's Office);
  • One member appointed by the Vice President for Research;
  • One member appointed by the Vice President for External Relations;
  • Two members appointed by the Vice President for Engagement (typically DCE and the Agencies);
  • One member appointed by the director of the CSU INTO Joint Venture;
  • One member, the CIO, from the Institute for Shipboard Education;
  • One member appointed by the Vice President for Advancement; and
  • One member appointed by the Vice President for Student Affairs.

The Provost may appoint additional members to and adjust the membership of the IAC as deemed necessary and prudent to ensure a balanced, representative membership of the ITEC, and/or to accommodate changes in the University’s organizational structure and/or changes in titles of the appointing individuals.

A quorum of the IAC shall consist of a majority of voting members and shall be necessary for action. Non-operational matters are to be decided by a two-thirds majority vote. In the case of a tie, the vote shall be determined by the vote of the chair. In the case of a tie where the chair does not vote or abstains, the motion shall fail.

Scope of Activities

All matters of policy, strategy, and management of the IT environment should be reviewed by the IAC and forwarded to the ITEC for its consideration. Normally, the IAC prepares or revises drafts of policy, strategy, and management for the IT environment, circulates them widely for consideration by interested parties at the University, and reviews them at its meetings. The IAC then develops a recommendation for the ITEC and forwards the matter to the ITEC for its consideration.

The IAC also considers operational aspects of the IT environment. On operational matters where consensus is achieved via a two-thirds vote required for approval of an item, the IAC may take action unilaterally. Alternatively, if a two-thirds majority is not achieved, a motion to refer the matter to the ITEC for its consideration may be made, and approved by a one-third vote. Should a one-third vote not be attained on an item, then individuals may bring the matter forth via other channels to their representative on the ITEC.

The IAC seeks input and counsel from various sources including technology managers, ad hoc committees such as, among others, the University Technology Committee (UTC), subnet managers, and interested and qualified individuals. Matters to be considered by the IAC are to be forwarded to the VPIT for inclusion on the IAC’s agenda.

The IAC may constitute and charge subordinate standing and ad hoc committees as necessary to meet its objectives.

Other IT Committees

Various other committees are concerned with IT. Normally, these other committees address operational matters that pertain to their own IT environments. To ensure efficiency and effective IT governance, such other IT committees are generally not to proliferate and are to be focused on particular issues. Chairs of these committees are responsible for ensuring that matters of IT policy and operations are brought to the IAC for its review, and consideration for the ITEC’s attention.

IT committees that are of importance to the University include, but are not limited to:

  • Ad hoc committees – Ad hoc committees of users of specific applications may be constituted as needed.
  • Administrative Data Governance Committee – This Committee is constituted under the authority of the VP for IT to coordinate and manage our central administrative data environment. The charge is given in Appendix A.
  • Advisory Committee for Academic Applications (ACAA) – This Committee is responsible for understanding, reviewing and make advising on the workload for Academic Computing and Network Services (ACNS), including reviewing projects proposed to ACNS to ensure that those recommended are well proposed, resources needed determined, of the highest priority, and that capacity and other needed resources are available. The Charge is provided below as Appendix B.
  • Campus IT Security Technical Advisory Committee – This committee is responsible for investigating IT security technologies and periodically evaluating current practices and policies. It is also responsible for disseminating information to the campus. The Campus IT Security Committee is chaired by the Manager of IT Security in ACNS.
  • Classroom Review Board (CRB) – the CRB is responsible for the general assignment classrooms. This includes instructional technology, especially computer projection equipment, and Internet access. The Director of ACNS is responsible for convening and appointing a chair of the CRB, who shall be approved as Chair by the Provost. Members of the Classroom Review Board shall be nominated annually by the VPIT and approved by the Provost.
  • College IT Administrators’ Council (CITAC) – One member from each college appointed by the dean of the college, and chaired by a member elected annually from its membership. The chair, or in the absence of the chair, the chair’s designee, shall serve as a voting member of the ITEC.
  • Communications Infrastructure Committee (CIC) – The CIC is responsible for managing the upgrades to the communications infrastructure of the University as described in Appendix A. The CIC is chaired by the Director of ACNS, with membership as detailed in Appendix A.
  • ISTeC Research Data Management Committee – This Committee has been constituted by the authority of the Vice Presidents for Research and IT, under the auspices of the Information Science and Technology Center (ISTeC) Research Advisory Committee (ISTeC RAC), to provide advice and guidance for CSU’s data environment, encompassing data storage, data management, data preservation, and policies and procedures associated therewith. The formal charge to this committee is provided as Appendix E.
  • Windows Security Committee – This committee is tasked with developing a set of best practices for securing MS Windows workstations and servers. This effort is expected to be continual and evolving. The Windows Security Committee is chaired by a member appointed by Director of ACNS.
  • University Charges for Technology (UCFT) Committee – The UCFT committee is responsible for coordinating Charges for Technology (CFT) activities including responsibility for: 1) maintaining the policies for the Charges for Technology activity in the CFT Manual, 2) assembling the annual CFT reports from the Colleges into an annual report that shall be submitted to the ITEC for its approval, and 3) assembling the annual report on the magnitude of the charges and any proposed increases. The CITAC chair is responsible for convening and chairing the UCFT committee. Membership of the UCFT committee shall be one student and one staff member from each college. The student member shall be appointed by the student governing body of the college, and failing that, by the Dean of the college. The staff member shall be responsible for coordinating the college’s CFT activities, and shall be appointed by the Dean of the college.
  • University Technology Fee Advisory Board (UTFAB) – the UTFAB is constituted under the auspices of the Associated Students of Colorado State University (ASCSU) and operates according to its bylaws. The UTFAB is chaired by a student member elected from its members who are appointed by college student councils.
  • Subnet managers – Subnet managers meetings are used to coordinate and communicate a broad range of information technology matters, including aggregated purchasing and site licensing for IT, IT networking, and matters concerning IT security. IT matters of a general nature are to be the subject of the Subnet Managers, particularly regarding coordination and information sharing. Participation in the Subnet Managers is open to interested individuals. Subnet Managers meetings are coordinated by a member appointed by Director of ACNS.

Appendix A

Administrative Data Governance Committee

May 24, 2016

Data are an institutional asset, and must be governed and managed institutionally. As our central data environment has grown tremendously (over 40 billion elements today, and growing apace), it has become much more difficult and complex to manage. Privacy and security concerns are rising as more systems and services are experiencing data security breaches. Compromises must be made and additional emphasis must be provided for purposes of sustainability. Thus, there is hereby constituted the Administrative Data Governance Committee (the “Committee”) at CSU to coordinate and manage this central administrative data environment. This activity builds upon the ad hoc Central Data Governance and Architecture Committee, formed previously by the VP for IT. The Committee shall be co-chaired by the Associate Provost for Planning and Effectiveness and the Director of Information Systems, and have membership from the functional departments involved with the data, including but not limited to the Registrar, Human Resources, Business and Financial Services, Research, CAAG, and others at the behest of the co-chairs.

The scope for this particular activity is administrative data managed and maintained by central IT in the Operational Data Store (ODS) or its successor, data managed and maintained by the Division of Planning and Effectiveness, and data managed and maintained by and within central IT systems, and also includes learning analytics and associated data and other data as may be included in these resources in the future. These data are classified as “Administrative Data.” This particular policy shall not apply to “Research Data,” for which the VP for Research and the VP for IT have constituted a separate ISTeC Research Data Management standing committee.

The Committee is charged with Administrative Data governance, including the development of policies and procedures associated therewith. Items to be addressed shall include architecture, systems, services and access associated with central administrative data, user support, training, and communications.

Policies developed by the Committee shall include the elements of data definitions, data dictionaries, data classification, user classification, data authority, data responsibility, data validity, user training, user access, user support, and preservation of Administrative Data. Specific procedures, guidelines and forms to clarify and ensure compliance with our data policies will be developed by the Administrative Data Governance and Architecture Committee and will be provided to each functional area through committee membership and online.

Stakeholder input on policies shall be solicited broadly, e.g. from Faculty Council, Deans, Department Heads and Directors, the Administrative Professional Council, the Libraries, the CAAG, the bioethics advisory committees, faculty who serve as principal investigators on grants and contracts, staff, the Graduate School, and the Graduate Student Council, as appropriate.

In their ongoing activities, the Committee shall also develop a process to perform periodic reviews of performance and compliance in connection with administrative data, to ensure compliance with protocols and to maintain Quality Assurance standards for data integrity, and appropriate access and use at Colorado State University. Although the Committee has broad campus representation, the Committee may request assistance from Internal Audit in this specific activity.

Appendix B

Advisory Committee for Academic Applications (ACAcA)

April 14, 2015

 There is hereby constituted under the Vice President for IT (VPIT) the Advisory Committee for Academic Applications ("ACAA" or herein the "Committee"), a standing committee under the auspices of ITEC Advisory Council (IAC). The purpose of the Committee is to advise central IT and its associated functional units that together with Academic Computing and Networking Services (ACNS) provide and support academic applications and services, on its strategic environment, especially analyzing and prioritizing new initiatives, and recommending directions for central IT academic applications. The Committee shall be chaired by the Director of ACNS, and shall have additional members rotating annually as follows: two members representing academic colleges appointed by the chair of the College Information Technology Administrators Council (CITAC)and four members representing Vice-presidential divisions from the IAC appointed by the VPIT. The six members so appointed shall be voting members, and all other participants shall be non-voting, ex-officio members. The Committee may draw on additional resources as necessary to meet its objectives, including but not limited to the Human Resources department, the Registrar’s office, the Office of the Vice President for Research, and the Business and Financial Services department.

The Committee shall endeavor to understand the range and scope of extant and new initiatives that can provide more effective and more efficient operations throughout CSU, and shall prioritize these new initiatives. The Committee shall take under consideration, initiatives related to a broad spectrum of services including central communications, servers including virtual machines, web services, identity and access management (IAM), networking, research computing, and help desk activities. The Committee shall be briefed on the foundational activities of ACNS and its partner units, including planned and impending upgrades and maintenance, current initiatives, and thence to advise on new initiatives, priority for those initiatives, and a schedule for those new initiatives in the context of capabilities and capacities in ACNS and its associated partner units.

The Committee shall be constituted and meet as soon as practicable to review this charge, and modify it as appropriate, in concert with the Vice President for Information Technology. The Committee shall meet as often as necessary, develop a prioritized list of new projects as well as recommendations for current activities that should be discontinued by October 2015, and thereafter report on its status and recommendations to the IAC at its regular meetings. The chair of the Committee shall provide input as needed to the Vice President for Information Technology.

List of Acronyms

ACAA               - Advisory Committee for Academic Applications

ACNS               - Academic Computing and Networking Services

CITAC              - College Information Technology Administrative Council

IAC                   - ITEC Advisory Council

IT                     - Information Technology

ITEC                 - Information Technology Executive Committee

VPIT                 - Vice President for IT

Appendix C

Advisory Committee for Administrative Applications (ACAdA)

January 14, 2015

There is hereby constituted under the authority of the Vice President for Information Technology the Advisory Committee for Administrative Applications ("ACAdA" or herein the "Committee"), a standing committee under the auspices of the Information Technology Executive Committee ("ITEC"). The purpose of the Committee is to advise central IT and its associated functional units that together with Information Systems provide and support administrative applications on its strategic environment, especially analyzing and prioritizing new initiatives, and recommending directions for central IT administrative applications. The Committee shall be chaired by the Director of Information Systems, and shall have additional members as follows: two members from the CAAG appointed by the chair of CAAG, two members of the CITAC appointed by the chair of CITAC; the representatives to the ITEC Advisory Council (the "IAC") from the Human Resources department, the Registrar's Office, and the Business and Financial Services department; at least one and up to two additional members from the IAC appointed by the Vice President for Information Technology, and one member from Academic Computing and Networking Services in the area of middleware appointed by the director of Academic Computing and Networking Services. The Committee may draw on additional resources as necessary to meet its objectives.

 The Committee shall endeavor to understand the range and scope of new initiatives that can provide more effective and more efficient administrative operations throughout CSU, and shall prioritize these initiatives. The Committee shall endeavor to understand the operational environments of the Student Information System (the "SIS"), the Human Resources System (the "HRS"), and the Kuali Financial System ("KFS"), and use this context to assess and evaluate the capacity of central IT and its partner units to deliver new services. Specifically, the Committee shall be briefed on the foundational activities of IS and its partner units, including planned and impending upgrades and maintenance, and thence to advise on new initiatives, priority for those initiatives, and a schedule for those new initiatives in this context.

The Committee may also choose, at its discretion, to advise on the data storage, data access, and data reporting environment at CSU. If it so chooses, the membership of the Committee shall be augmented by a member from the Institutional Research department appointed by the Associate Provost/Director of Institutional Research.

The Committee shall meet as soon as practicable, and review this charge, and modify it as appropriate, in concert with the Vice President for Information Technology. The Committee shall develop a prioritized list of projects by June 2015, and thereafter report on its status and recommendations to the IAC at its regular meetings.

Appendix D

The Communications Infrastructure Committee

The Communications Infrastructure Committee (the 'CIC' or the 'Committee') shall be a standing committee of the ITEC Advisory Council, ('IAC') and exists to analyze and prioritize upgrades to the communications infrastructure at CSU. The committee shall be chaired by the Director of ACNS, and shall also include four members of the CITAC appointed annually by the elected chair of the CITAC and three members of the IAC who are not members of CITAC appointed annually by the Vice President for IT. The VP for IT selections shall be from different departments. In the absence of new appointments, members shall continue to serve on the Committee for successive years. The eight appointed members shall be official, voting members.

The Committee shall establish strategies and priorities for meeting the communications infrastructure needs of CSU, including identification of needs through traffic analyses, performance measurements, discovery (e.g. solicitation of brief proposals for high-speed connections, feedback from the campus, etc.), security assessments, and other such relevant factors as it deems necessary to accomplish its mission. The Committee shall annually prioritize such needs within available budget and other available resources (e.g. planning, staffing, etc.), and via Committee action, endorse the prioritization in a formal recommendation to the IAC. The committee shall also consider in the context of its scope strategies that augment centrally budgeted amounts, such as departments wishing to contribute to upgrades.

The Committee’s scope of responsibilities shall encompass physical communications infrastructure (fiber and copper cabling), networking technologies (router and switch hardware), traffic monitoring and control devices, secure access technologies such as firewalls, VPN and secure gateways, and other such factors it deems necessary to accomplish its mission.

A quorum shall consist of six members of the Committee necessary for action, and require the Chair to be present. Action shall be by a simple majority of those members present.

As its first task, the Committee may review and adjust their scope of activities as defined in this document as it deems appropriate, in consultation with the VP for IT.

The committee shall meet at least once per year to effect the prioritization of resources, and as often thereafter as necessary, and report back to the IAC. A current written network update report shall be provided to the committee at each meeting. The committee shall determine the content of that report. Meeting minutes shall be recorded and available to the campus.

Appendix E

ISTeC Research Data Management Committee

As a recommended outcome of the ISTeC Data Management forum of May 2, 2014, there is hereby constituted under the authority of the Offices of the Vice Presidents for Research and Information Technology (VPR and VPIT) the standing ISTeC Research Data Management Committee (the “Committee”). The Committee is constituted under the auspices of the Information Science and Technology Center (ISTeC) Research Advisory Committee (RAC), and shall consist of no fewer than seven and no more than ten members, at least three identified by the RAC to represent faculty and researcher interests, one member from ACNS who is responsible for data management and storage infrastructure, one member from CSU Libraries who is responsible for data management, and at least two members from the ITEC Advisory Council who are involved in data management operations and best practices. The members shall be selected to provide coherent University representation.

Initially at its first meeting, and thereafter from time to time at its discretion, but no less frequently than annually, the Committee shall elect a chair from among its members. The chair shall be responsible for setting agendas, convening meetings, the taking and posting of minutes (via assignment), and reporting as requested by and to the ISTeC RAC, and the VPs for Research and IT.

The Committee shall begin meeting as soon as practicable, and report its findings back annually or more frequently as the committee determines to the RAC, the ISTeC Executive Committee, and the VPR. The Committee shall annually elect a chair from among its members, and record and publish summary minutes and outcomes/recommendations from its meetings and activities. The Committee shall endeavor to operate with a minimum of bureaucracy, and should focus more on the future than on the current environment.

The Committee’s duties shall be to analyze, strategize, and render opinions and recommendations as to CSU’s data management ecosystem. In particular, the Committee shall:

  1. Be responsible for continuing to educate the CSU community about data management and related/associated activities.
  2. Evaluate and inform directions for the data management infrastructure at CSU, including storage, backup, preservation, transport, access, access management, and sharing data.
  3. Oversee the development of data management services, including self-service web pages and other services as and should be deployed at CSU.
  4. Identify standards and directions for data management, including federal and state mandates.
  5. Advocate for appropriate, prudent, and sensible data management initiatives and directions.
  6. Recommend appropriate balances between access to data and IT security and privacy.
  7. Report to University constituents appropriate facts and figures concerning our data ecosystem.
  8. Prepare its input and recommendations for inclusion in the annual CSU strategic plan, including budgetary needs.

The Committee should consider holding additional open fora, PDI sessions, convening affine groups of researchers, etc. Budget for the Committee’s activities will derive from ISTeC where appropriate, and from CSU Libraries.

APPROVALS

Approved by ITEC May 24, 2016

Version 2.0 approved by ITEC on June 8, 2010

Version 1.0 approved by ITEC on 6/21/2005

 

Print Version: Click Here to Print

csu ramhead logo

The CSU Policy Library is maintained by the Office of Policy and Compliance