91�Թ�

Printable Version in PDF Format ()

Table of Contents

• History
• Purpose
• Background
• Business Practice
  • Accountability
  • Applicability
  • Definition(s)
  • Text
• Exhibit(s)
  • Assessment History

History

• Business Practice Number: BP.00.001
• Version: 3
• Drafted By: Carlos Miranda
• Approved By: James August
• Approval Date: 08/03/2010
• Latest Revision Date: 04/09/2025

[back to top]

Purpose [top]

Describe the purpose and process for ITS Business Practices.

[back to top]

Background

Formally, there are no policies at CSU Channel Islands other than those approved by the President's  Council and published as part of the Channel Islands Administrative Manual at ITS as a group does not have the authority to create a Policy outside the formal campus process. However, there is a need for day-to-day guidance on many issues that may never be formalized as campus policy. In addition, policies can and should gloss over important implementation details that need to be documented. ITS Business Practices have been created to address these needs.  

[back to top]

Business Practice

[back to top]

Accountability

The AVP for Information Technology Services is accountable for oversight of the ITS Business Practice Process.  

[back to top]

Applicability

All ITS employees.

[back to top]

Definition(s)

Throughout the Business Practice Manual -  

1. “Shall” and “must” are used in the imperative sense,
   
2. “May” is used in the permissive sense, and
3. The use of the masculine gender includes the feminine, and vice versa

Throughout the Business Practice Manual, unless otherwise defined by an individual Business Practice -
    1. “ITS” means Information Technology Services.
    2. CMS” means Common Management System.
    3. “IDS” means Intrusion Detection System. 
    4. “CISO” means Chief Information Security Officer. 
    5. “VISC” means Virtual Information Security Center. 
    6. “WCMS” means Web Content Management System  

[back to top]

Text

General 
An ITS Business Practice is a policy-like document that describes how ITS solves certain issues or assigns resources. An ITS Business Practice may be "promoted" to the policy if there is a legal or procedural need to do so, by following the standard campus approval process. ITS Business Practices may also supplement Policies, since a Policy really ought to be a "why" document, while a Business Practice is a "how" document. For consistency and simplicity, ITS Business Practices will be formatted using the same template as campus policies, but clearly labeled as business practices to avoid confusion. All ITS Business Practices will be reviewed by ITS Leadership, approved by the AVP for Information Technology Services, and posted on the ITS Business Practice Website /its/policy/

ITS Business Practices are organized by extending the numbering scheme for CSU Channel Islands Policies:   

• 00 –ITS General (extension of Policy numbering scheme) 
• 01 - Information Management   
• 02 - Technology Infrastructure   
• 03 - Technology Use  
• 04 – Information Security, Risk, Policy and Compliance  

Deviation authority process  
The AVP for Information Technology Services may grant deviations from ITS Business Practices when legitimate business or academic needs require such deviations. Each person requesting a deviation from a ITS Business Practice should submit deviation requests in writing to the AVP for Information Technology Services. Each deviation authorization will be transmitted in writing or by e-mail from the AVP for Information Technology Services to the person requesting the deviation and will specifically cite the Business Practices from which deviations are authorized.  

[back to top]

Exhibit(s)

No exhibits have been associated with this business practice.

[back to top]

Assessment History