General
This section implements and .
Hardware and Software Configuration Management
The campus consults with ITS before each software and hardware purchase made. These purchases are reviewed by ITS for compatibility and inter-operability with the campus common environment, including security and authentication capabilities.
Whenever practical, ITS will utilize º£½ÇÉçÇø and/or CI-standard configurations for devices and systems.
Each University-issued laptop, desktop or workstation is imaged with a common suite of operating system software and applications, including security software, and is configured to use University resources for authentication and management.
ITS will evaluate all software products or services purchased for security capabilities and integration into the campus security environment. Additionally, products or services that will transmit or store must receive a written information security review from the Information Security Officer or designee.
Software Configuration Management - Applications
The source code and other required configuration information for each application developed by ITS is kept in a centrally-managed repository. The repository also provides an audit log of changes made to ITS applications. ITS Infrastructure staff regularly back up this repository to prevent the loss of the University’s intellectual property.
ITS Change Control
º£½ÇÉçÇø Channel Islands employs a formal change control process. All changes to production ITS systems are regulated by the ITS Business Practice for Change Control, BP-00-002. The Change Control process requires that all changes to production systems be logged, and certain changes must receive administrative approval.
Except for emergency changes required to prevent or respond to an outage, each change to a system storing or transferring , or changes could affect more than ten per cent of the University’s population, require the approval of the Change Control Board, Information Security Officer and Chief Information Officer.