You are hereHome / IT Policies at the University of Michigan / General Information Technology Policies
General Information Technology Policies
Categories of university-wide Information Technology guidance include:
IT Policies articulate the university's values, principles, strategies, and positions relative to a broad IT topic. They are designed to guide organizational and individual behavior and decision-making. They are concise, high-level, and independent of a given technology. University IT policies are mandatory.
IT standards specify requirements for becoming compliant with university IT policies, other university policies, as well as applicable laws and regulations. Standards may include technical specifications and are mandatory.
IT guidelines provide guidance and best practices relative to a particular IT topic. They may accompany, interpret, or provide guidance for implementing IT policies, other university policies, or applicable laws and regulations. University IT guidelines are not mandatory.
IT Procedures document "how to" accomplish specific IT tasks or use IT services. These procedures may be localized to reflect the practices or requirements of a specific unit.
These policies deal with protecting the rights of the community and individual community members in regard to access to the information resource infrastructure, sharing of information, and security of intellectual products.
- Responsible Use of Information Resources (SPG 601.07)
- Electronic Access to Potentially Offensive Materials (SPG 601.16)
Privacy and Security
These policies deal with protection of the information assets controlled by the University of Michigan.
- Information Security Policy (SPG 601.27)
- Information Security Incident Reporting (SPG 601.25)
To report a security breach, go to the Safe Computing website.
- Social Security Number Privacy and Protection (DS-10)
- Identity Misrepresentation (SPG 601.19)
- Privacy and the Need to Monitor and Access Records (SPG 601.11)
- Acquisition, Use and Disposition of Property (Exclusive of Real Property) (SPG 520.01)
- Guidelines for eDiscovery at the University of Michigan (DM-08)
- Security of Enterprise Application Integration (DS-09)
These policies deal with management and protection of the University of Michigan's institutional data resources.
- Institutional Data Resource Management Policy (SPG 601.12)
- Security of Personally Owned Devices that Access or Maintain Sensitive Institutional Data (SPG 601.33)
Companion document: Unit-Specific Requirements for Employee Self-Management of Personally Owned Devices that Access Sensitive Institutional Data (DS-07)
- Responsibility for Maintaining Information Technology Backup and Recovery Procedures (SPG 601.07-1)
This Standard sets expectations for compliance with respect to sensitive regulated data that fall under federal or state laws or regulations:
This Guideline sets expectations for fiduciary and stewardship responsibilities in the management of U-M information resources:
To report a digital copyright violation, contact email@example.com.
Information Technology System Standards
These policies deal with standards for assigning domain names related to the University of Michigan.
- Domain Name System Standards at the University of Michigan (SPG 601.15-1)
- Internet Addressing: IP Address Standards at the University of Michigan (SPG 601.15-0)
- Customer Relations
- Michigan IT