Office of Internal Auditing

EIU Policies and Procedures

Contact Us

Internal Governing Policies


 

#103 - Computers, Servers, and Software


Approved: August 12, 2013

Monitor: Vice President for Business Affairs


This policy applies to all university-owned computers, servers, and software, regardless of funding source. In the context of this policy, a computer is defined as a complete working computer system, including servers and including desktop, notebook, and tablet form factors. This policy does not apply to printers, peripherals, external memory, external disk drives, monitors, or dedicated e-book readers.

Computer Purchases

Information Technology Services (ITS) will establish, publish, and maintain the standards for university-purchased computers, and all general-use computer purchases must conform to these standards.

Some university or departmental software may require specific computer configurations and/or peripherals. ITS will maintain information regarding such specifications.

Purchases of computers for specialized needs (e.g., faculty research, grant-supported activities) that are not addressed by the published standards and purchases of any other non-standard computer configurations must be approved in writing by the acquiring unit’s Dean or Director prior to purchase. In addition, all non-standard computer configurations must be approved in writing by the Assistant Vice President of ITS or designee prior to purchase.

The Department of Procurement, Disbursements, and Contract Services must approve all vendors for both general-use and specialized-need computer acquisitions prior to purchase.

Computers purchases that do not comply with these policies may not be eligible for reimbursement and may not be supported by ITS.

Any computer purchased with university funds that meets the definition of movable equipment must be inventoried in accordance with IGP #163, University Personal Property Control.

Use of computers purchased with university funds must adhere to IGP #129, Use of Technology Resources by Employees.

Relocation, Disposal, and Removal of Computers

Relocation, disposal, and removal of computers must comply with IGP #163, University Personal Property Control, and with property control moving procedures established by Facilities Planning and Management. When a computer is discovered to be missing, lost, or stolen, the financial manager responsible for the inventory of that computer, or designee, must report the loss to the University Police Department and to the Assistant Director of Information Security in Information Technology Services within one working day of the discovery the loss.

Software

Software placed on university-owned computers must be legally licensed and malware-free. ITS will establish, publish, and maintain a list of supported software for general-use computers. ITS is not responsible for ensuring that non-supported software works properly on university-owned computers. ITS is authorized to remove from computers any non-supported software that causes a conflict with software and/or network resources used to conduct university business.

Established university software purchase programs (e.g., volume discounts, educational discounts) must be utilized whenever available. ITS will maintain a list of available software purchase programs for general-use computers.

Failure to adhere to software licensing agreements or other improper use of software as outlined in IGP #129, Use of Technology Resources by Employees, may result in disciplinary action.

Servers

ITS is solely responsible for the operation and support of all infrastructure servers and server support equipment, including but not limited to the border, core, distribution, and wireless layers of the university’s networks.

Servers for departmental program support may be managed by either ITS or the department. All department-managed servers purchased after September 1, 2013, must be co-located in the ITS data center; the locations of all department-managed servers purchased prior to September 1, 2013, must be registered with and approved by ITS. ITS will establish, publish, and maintain the standards, specifications, and security requirements for both ITS-managed and department-managed co-located servers. Each ITS-managed or department-managed co-located server must have a signed service agreement between ITS and the department that outlines each area’s roles and responsibilities for supporting, maintaining, backing up, and securing the server.