The University of San Francisco: Information Technology Services
Information Technology

Policy Development and Enforcement

  1. The VP for IT is responsible for ensuring the security of the USF network through appropriate management of ITS staff responsibilities, integration of comprehensive network security policy and standards, fostering campus commitment to securing network resources and services, and monitoring compliance with security policies.
  2. Approval of policies
    2.1 Policies must be approved by the VP for IT in consultation with the UITC and the Leadership Team.
  3. Regular periodic assessment and revision of policies.
    3.1 The VP for IT is responsible for ensuring periodic assessment and revision of policies.
    3.2 The Campus Security Team, UNAS, UITC, Leadership Team, and other groups as appropriate will participate in the assessment and revision process.
  4. Monitoring compliance with policies.
    4.1 The VP for IT is responsible for monitoring compliance with policies.
    4.2 The Campus Security Team is responsible for notifying the VP for IT when security vulnerabilities or incidences of non-compliance are discovered.
    4.3 When security vulnerabilities or incidents of non-compliance are discovered, the VP for IT will immediately notify the appropriate Dean or Vice President. If the VP for IT deems it appropriate, the VP for IT may bring these discoveries to the attention of the Leadership Team.
    4.4 The VP for IT will update the Leadership Team regarding security issues on an annual basis, or more frequently if significant security issues arise.
  5. Responding to incidences of non-compliance.
    5.1 The VP for IT is responsible for ensuring that the University responds appropriately to incidences of non-compliance.
    5.2 The Campus Security Team and the system administrator responsible for the system(s) in question may act under the VP for IT’s authority in responding to incidences of non-compliance.
    5.3 Non-compliant equipment or systems may be disconnected from the network or blocked by USF personnel authorized by the VP for IT.
  6. Evaluation of exception requests.
    6.1 Exceptions to these policies require the approval of the VP for IT.
    6.2 The Campus Security Team, UNAS, and others as appropriate will participate in consideration of exception requests at the request of the VP for IT.