Posted 9:43 a.m. Friday, Feb. 24, 2023
The February 2023 institution policy distribution includes one (1) revised policy, one (1) revised procedure, and one (1) new guidance document.
One (1) revised policy: · SYS 1035, Information Security: IT Asset Management One (1) revised procedure: · SYS 1035.A, Information Security: IT Asset Inventory Standard One (1) new guidance document · IT Asset Management Reporting Guideline Feedback on these items is due by 5:00 PM on Friday, March 10th, 2023. Click on the links above to view the drafts and ensure that your feedback is captured for review during the post-comment period. Comments can include attachments, including word documents and PDFs. Please find summaries of the items below. |
DRAFT REVISED POLICY SYS 1035 Package The purpose of SYS 1035, Information Security: IT Asset Management to establish minimum requirements and responsibilities for the inventory and management of UW IT Assets. This policy revision was developed with a group of subject matter experts representing multiple institutions across UW System including UW-Madison, UW-Platteville, UW-Stevens Point, UW System Administration, and UW-Whitewater. The following revisions were made to the policy: · Simplified the definition for IT Asset. Scoping statements within the definition were moved to Scope section of the policy, section 3. Examples of IT Assets were removed as these are covered in the Standard for the purpose of inventory requirements · Added a definition for IT Inventory · Added a requirement that institutions have documented processes for IT Asset lifecycle management for hardware devices · Added a requirement that inventory of IT Assets must be kept up to date within a month of changes occurring · Removed a provision which indicated UWSA would identify a system-wide standard IT management tool to be used by all institutions to account for their IT Assets · Adjusted reporting requirements pertaining to IT Asset inventories · Other minor clarifications, reorganizations, and adjustments The following revisions were made to SYS 1035.A, IT Asset Inventory Standard: · Procedure renamed from IT Asset Management Standard to IT Asset Inventory Standard · Scope of the procedure was further limited to IT Asset inventory requirements. Previous sections for IT Asset provisioning and decommissioning, as well as reporting requirements, were removed and generalized in the policy · Added a statement that IT Asset inventories do not need to be maintained in a single system. Inventories may be spread out across various systems and solutions · Clarified that if an IT Asset detail is not applicable for a technology or implementation, then it is not required · Based on feedback received from institutions, descriptive information was provided to identify the categories of IT Assets included in the IT Inventory · IT Asset details were updated to align with current technologies A guidance document was developed to highlight anticipated reporting elements for the annual reporting requirement defined in SYS 1035. Reportable asset items and details, including a template, will also be communicated to institutional stakeholders in advance of any reporting events (annual or ad hoc). No reporting will be required for institutions that utilize the central UW System asset management inventory, either directly or through an integration. |
SYS Policy Approval Notification On February 14th, President Jay Rothman approved substantive revisions to SYS 625, Youth Protection and Compliance. Also on February 14th, Vice President for Finance and Administration Sean Nelson approved substantive revisions to SYS 1277.B, Compensation: Merit Pay. On February 16th, President Jay Rothman approved substantive revisions to SYS 605, Loss-Fund Operations. See below for a brief summary of the revisions to the policies and procedure. |
SYS 625, Youth Protection and Compliance These revisions will be effective March 1, 2023. Implementation of the reference check requirement for designated individuals who are not employees of Section 6.D.II is deferred until an adequate tool is in place to meet this requirement. The purpose of this policy is to establish minimum standards for the protection of minors engaged in covered activities throughout the University of Wisconsin System (UW System). This policy does not supersede any stricter standards set by the institution and state or federal law. The items below have been revised. · In Section 3, Scope and Institutional Responsibilities: · Revised the scope statement to allow institutions the option to adopt this policy or adopt their own. · Clarified that the policy only applies to events which are targeted towards youth participants in covered activities, with some exceptions. · In Section 5, Definitions: · Updated Authorized Adults to remove completion of training and screening from first sentence, as it is addressed in Section 6D. · Removed examples of covered activities sponsored and/or operated by Third Parties. Additionally, removed the second bullet, revised the Third Party definition and added a Third-Party Covered Activity definition. · Added the definition of Field Trip. · Changed Escalation Matrix to Escalation Plan to align with institutional language · In Section 6, Policy Statement · Updated language to align with change made to the scope of the policy. · Changed department to unit in Section 6.A.I. · Replaced “covered activities” with “covered activities and third party covered activities” in Section 6.A.I. · Removed “to have a designated institutional Sponsor” in Section 6.C.I to correct a copy and paste error in original policy. · Revised registration requirement in Section 6.C.II to define that covered activities are providing custodial care. Removed “have a designated institutional Sponsor” to correct a copy and paste error in original policy. · Transferred all Third-Party requirements from Section 6.C.III to Section 6.P. ▪ Changed “institutional” to “UW System” in Section 6.D.I. · In Section 6.D.II, clarified those individuals requiring reference check screening and instances in which an exemption is permissible. · Addressed grammatical typos in Section 6.D.III. · Removed “monitor and repot” from Section 6.F; Monitoring and Reporting are addressed in 6.L.I. which clarifies that reporting obligations shall be done in accordance with institutional procedures, relevant policy, or applicable law. · Revised Section 6.F.VI to clarify prohibited behavior. · Explained the supervision ratio for covered activities in which custodial care is provided and simplified reference to ATCP78 in Section 6.G.I. · Defined when the need for prior permission for 1:1 interaction is not needed in Section 6.G.III. · Revised Section 6.H to reflect change in scope to include procedures. · In Section 6.L.I, defined individuals responsible for monitoring violations of the policy and reporting protocols. Additionally, incorporated Section 6.L.II into 6.L.I. · Identifies the responsibility of Third Parties to conduct background checks in Section 6.P.II. · Section 6.P.II was specifically outlined in one location to clearly define the minimum requirements of Third Parties. · In Section 6.P.III, removed Third Party submission requirement to the responsible entity. Instead, Third Parties requirements are subject to audits or requests within seven years. |
SYS 1277.B, Compensation: Merit Pay This procedure became effective upon approval. The purpose of this procedure is to establish more detailed criteria for the award of merit pay increases than are found in the basic language of SYS 1277, Compensation. · This revision eliminates all of the procedure-specific definitions in favor of an incorporation by reference of our standard policy definitions as found in SYS 1225, General Terms and Definitions. · The revision to the procedure eliminates several grounds upon which an employee would be found to be ineligible for merit-based increases, including: the failure of a supervisor to complete a performance review before the deadline, employees who have recently changed appointments or been promoted, employees who received merit increases outside of pay plan in two consecutive years, employees in interim appointments, and student hourly staff. This change gives institutions more flexibility in the use of merit pay increases. · The revision also clarified that crafts workers will are eligible for lump sum merit increases only. · The revision clarifies that the overall significance of an employee’s work products to the goals and mission of the organization as an eligibility factor for a compensation change for meritorious performance. · The revision lowers the continuous employment period requirement for a merit increase from twelve (12) months to six (6) months. |
The revisions to this policy became effective upon approval. This policy establishes the guidelines and reporting procedures for reimbursement from the Fund 999 in the event of damage to University of Wisconsin (UW) System property. · Revisions have been made throughout the policy to place it into the current standard SYS policy template, including adding sections for Policy Purpose, Responsible UW System Officer, Definitions, Related Documents, Policy History, and Scheduled Review. · Throughout the policy, updated all references to the Institution Risk Manager (IRM) to include “or the IRM’s designee.” · In the third paragraph of section 6, replaced language about establishing an expenditure limit with a statement about estimating the total loss and scope of work. · In the fourth paragraph of section 6, replaced “expenditure” with “predetermined scope of work expenditure.” · In the fifth and sixth paragraphs of section 6, removed information about the Uninsured Loss Fund and clarified that all institutional losses are reimbursed by the State Self-Funded Property Program (SSPP) and that all invoices charged to the 999 fund will be collected and reviewed by the Institution Risk Manager (IRM). · In the seventh and eighth paragraphs of section 6, revised language to reflect current processes for reimbursement from the 999 fund and outlined the process for the IRM to reconcile Fund 999 activity. Removed the sentence referring to unused proceeds being transferred to UWSA’s 999 fund if the institution decides not to replace the items. · In the ninth paragraph of section 6, removed the requirement to submit a Loss Reconciliation Report by October 1st of each year and replaced it with the requirement that institutions reconcile receipts and disbursements associated with each loss on at least an annual basis. |
Effective Dates Reminder SYS 625, Youth Protection and Compliance will become effective on March 1st, 2023. Please direct any questions to Prenicia Clifton at pclifton@uwsa.edu. |
