You are hereHome › IT Policies at the University of Michigan › General Information Technology Policies
General Information Technology Policies
Categories of university-wide Information Technology guidance include:
IT Policies articulate the university's values, principles, strategies, and positions relative to a broad IT topic. They are designed to guide organizational and individual behavior and decision-making. They are concise, high-level, and independent of a given technology. University IT policies are mandatory.
IT standards specify requirements for becoming compliant with university IT policies, other university policies, as well as applicable laws and regulations. Standards may include technical specifications and are mandatory.
IT guidelines provide guidance and best practices relative to a particular IT topic. They may accompany, interpret, or provide guidance for implementing IT policies, other university policies, or applicable laws and regulations. University IT guidelines are not mandatory.
IT Procedures document "how to" accomplish specific IT tasks or use IT services. These procedures may be localized to reflect the practices or requirements of a specific unit.
These policies deal with protecting the rights of the community in regard to access to the information resource infrastructure, sharing of information, and security of intellectual products.
- Proper Use of Information Resources, Information Technology, and Networks at the University of Michigan (SPG 601.07-0)
Companion document: Guidelines for Implementing the Proper Use Policy of the University of Michigan: Responsible Use of Technology Resources (R1103)
- Policy and Guidelines Regarding Electronic Access to Potentially Offensive Material (SPG 601.16)
Privacy and Security
These policies deal with protection of the information assets controlled by the University of Michigan.
- Information Security Policy (SPG 601.27)
- Information Security Incident Reporting Policy (SPG 601.25)
To report a security breach, go to the Safe Computing website.
- Identity Misrepresentation (SPG 601.19)
- Privacy and the Need to Monitor and Access Records (SPG 601.11)
- Acquisition, Use and Disposition of Property (Exclusive of Real Property) (SPG 520.01)
- Privacy and Retention of Security Logs Guidelines
- Guidelines for eDiscovery at the University of Michigan
These policies deal with management and protection of the University of Michigan's institutional data resources.
- Institutional Data Resource Management Policy (SPG 601.12)
- Security of Personally Owned Devices that Access or Maintain Sensitive Institutional Data (SPG 601.33)
Companion document: Unit-Specific Requirements for Employee Self-Management of Personally Owned Devices that Access Sensitive Institutional Data (DS-07)
- Responsibility for Maintaining Information Technology Backup and Recovery Procedures (SPG 601.07-1)
This Standard sets expectations for compliance with respect to sensitive regulated data that fall under federal or state laws or regulations:
This Guideline sets expectations for fiduciary and stewardship responsibilities in the management of U-M information resources:
To report a digital copyright violation, contact email@example.com.
These policies deal with use and distribution of copyrighted software programs.
- Management of Copyrighted Software (SPG 601.03-1)
- Ownership and Use of Computer Software (SPG 601.03-0)
Information Technology System Standards
These policies deal with standards for assigning domain names related to the University of Michigan.
- Domain Name System Standards at the University of Michigan (SPG 601.15-1)
- Internet Addressing: IP Address Standards at the University of Michigan (SPG 601.15-0)
- Strategic Planning
- Investment Proposals
- Customer Relations