cd photograph


Meeting Minutes

UITAC logo

Meeting Minutes for November 11, 2002

A meeting of the University Information Technology Advisory Committee was called to order at 3:10 p.m. on November 11, 2002, in the 4th floor conference room of Cabell Library. Dr. David Sarrett, co-chair, presided. Members present were Dr. Timothy Broderick, Dr. Lynn Nelson, Ms. Fran Smith, Dr. James Shultz, Dr. Robert Mattauch, Dr. Phyllis Self, Mr. John Ulmschneider, and Mr. Mark Willis. Ms. Veronica Shuford and Mr. Carl Gattuso were absent.

Minutes were approved as prepared.

Mr. Willis distributed a three-part handout consisting of:
1. Information Security Policy draft dated 10/18/02
2. VCU Security Policy Implementation Procedures draft dated 10/18/02
3. Computing Emergency Response Team (CERT)

He reminded the committee that the original Information Security Policy was approved about one year ago. The policy was forwarded to the Vice Presidents at that time. There were several parts to it then and that policy has been incorporated into the current draft Information Security Policy.

Mr. Willis pointed out one change in particular, which had previously been in the “procedural” part of the document and is now proposed to be in the actual “policy” document. That change is the last full paragraph on the second page of the Information Security Policy draft which states “Procedures to enact the requirements of the security policy are provided in the Related Documents section below. Failure to comply with this policy and related procedures will be considered a violation of the VCU Computer and Network Resources Use Policy.”

The committee reviewed the draft document, and discussion included the following:
• A suggestion that the list of dangerous services (network prodicols) be eliminated and a statement added to the effect that the “dangerous services items” would change as needed.
• Departments be prohibited from running their own email system. The committee felt they should be run centrally.
• The name of the document should be “Information Security Policy and Procedures.”
• Rather than including all the revision dates for each section, the committee agreed that ONE date should appear when a section is revised and a backup copy kept with all the actual revision dates for the section on it.
• Web sites will be referenced for the changes.
• The Incident Reporting section of the Computing Emergency Response Team document was significantly reduced. Dr. Self asked if it was clear than ANY kind of computer abuse type situation could be reported through this mechanism, and the committee agreed that it was. It was suggested that a statement referencing this should be added to the VCU Computer and Network Resources Use Policy Enforcement Procedures document but the document would not need to be re-sent to the Vice Presidents.

After discussion, it was moved and seconded that the changes to the Information Security Policy be accepted in the new format and the document be sent to the Vice Presidents.

Mr. Willis stated that although higher education was previously exempted, we have now been asked to draft a plan which probably will be due within a year. We need to demonstrate that we can make the most out of every dollar. In the future when the economy does turn around, if we can come forward with plans that we can cooperate and collaborate, those are the plans that will likely be funded by the state. Several different areas are being considered for collaboration:
a. Purchasing is one of the main areas being looked at. VASCUP develops cooperative contracts that any institution can use and usually offers better deals than the state contracts.
b. Certain contractors will be recommended for particular purchases and state schools should use that contractor. This area probably has the highest potential for cost savings but is fairly controversial.
c. Network management should band together to allow access to high-speed networks.
d. Administrative systems should join collaborative groups and run the systems from one institution.
e. Backup and disaster recovery.
f. Investigate course management systems that could be shared across the Commonwealth, for instance the Community College system and VCU might be able to work with Blackboard and design something.

AIT’s focus is on improving email, with the number one priority being to get virus protection on all email systems. Other initiatives include replacing the VCUCard Systems, server management, network improvements, directory services, disaster recovery and telephony
• AT
AT’s strategic initiatives include enhancing the Student Computer Initiative; providing high quality support to the VCU web; enhancing Blackboard as the course management software of choice at VCU; operating and maintaining a centralized server to support academic pursuits; providing a centralized computer help desk; providing access to high-end technology in all centrally-controlled classrooms and computer laboratories; providing research computing support for faculty and students; investigating and pioneering the use of technologies for the effective delivery of education content in traditional classes, online classes and in distance education; development of a prototype VCU Portal; and collaborating with AIT to develop an enterprise directory.
• Libraries
Due to lack of time, Dr. Ulmschneider will discuss the Libraries’ initiatives at the next UITAC meeting.

The Teach Act will be discussed at the next meeting.

A comment was made at the beginning of the meeting regarding the UITAC Annual Report. Mr. Willis stated that it had NOT been taken to the vice presidents yet. Mr. Timmreck believes the proposed increase in membership will cause the committee to be too large and unmanageable, although he did think it was a good idea to have representatives from the faculty and staff senates on the committee.

After discussion, the members came to the conclusion that the committee had been an effective forum in working on policy (Computer Use Policy, Enforcement Procedures, Email Guide, Patriot Act, etc.). They determined that the committee needs some way to drive structural change. Mr. Willis, Dr. Self and Mr. Ulmschneider know what other institutions look at and should bring some comparative data to the next UITAC meeting for discussion. The committee will then be able to make a recommendation as to how to proceed and can present it to the Provost, Mr. Timmreck and Dr. Kontos.

There being no further business, the meeting adjourned at 4:45 pm


  Virginia Commonwealth University | Administrative Information Technology
Last Modified January 28, 2003
Contact page designer for comments concerning this page.