This policy outlines the usage of software not managed by Adelphi IT, and outlines requirements and exceptions.

Policy Statement

This policy outlines the usage of software not managed by Adelphi IT, and outlines requirements and exceptions.

Reason for Policy

Software is in use in many places throughout the University. Often, the software plays a critical role in the fulfillment of a business function. In order to maintain the university’s enterprise architecture, and to maintain business continuity when technical problems or disasters strike, the Office of Information Technology needs to be aware of all software that is used by Adelphi faculty and employees. This holds true, even when Adelphi IT does not manage the software.

Who Is Governed by this Policy

All end-user and application management accounts on computerized information systems operated by or on behalf of Adelphi University.

Policy

All software or computer-based services that are used, but not actively maintained by the Office of Information Technology must meet the following requirements:

  1. The software or service must have an identifiable sponsor who will function as the primary point of contact regarding all issues relating to the software.
  2. If the software or service has an Availability Requirement of Critical or Normal it must be identified and reported to the Information Security Officer for business continuity planning.
  3. If the software or service is used to process protected information, it must have its security evaluated prior to use and be approved by the Information Security Officer.
  4. Software or service evaluations must be repeated when significant changes to the software or the service occur.
  5. The software or service must be appropriately licensed and maintained.

Deviation from Policy
Deviation from this policy may be granted by the Chief Information Officer, or his/her delegate.

Definitions

This policy does not have definitions associated with it at this time. Upon periodic policy review this area will be evaluated to determine if additional information is needed to supplement the policy.

Forms

This policy does not have forms associated with it at this time. Upon periodic policy review this area will be evaluated to determine if additional information is needed to supplement the policy.

Related Information

This policy does not have related information at this time. Upon periodic policy review this area will be evaluated to determine if additional information is needed to supplement the policy.

Document History

  • Last Reviewed Date: March 30, 2023
  • Last Revised Date: September 01, 2017
  • Policy Origination Date: October 7, 2009

Who Approved This Policy

Carol Ann Boyle, Chief Information Officer

Policy Owner

Secondary Contacts

Search Menu