Effective management of computers and computing devices is a fundamental requirement for protecting the intellectual property, confidentiality, integrity, and availability of our institutional information and information technology (IT) resources. This policy enables faculty and staff in performance of the University's mission of teaching and learning, research, and outreach. Divisional, Departmental and unit administrators are responsible for complying with this policy.
Intentional management of electronic devices accessing university resources and used to conduct university business to an appropriate standard provides for the reliability and availability of the device to conduct university business, and the security and integrity of university data. Enforcement of this policy reduces the risk of security breaches that could compromise the integrity of university IT infrastructure and protects the university against reputational harm, unintended access, exposure, modification, or removal of university-owned data. This policy promotes good stewardship of UW-Madison's significant investments in IT resources, which include IT infrastructure, computing systems, network systems and industrial control systems.
The associated Endpoint Management and Security Policy standards/procedures provide guidance for the complex and diverse needs of UW-Madison, making it possible to comply with UW System policy in addition to federal and other grant requirements.
This policy applies to any device, virtual or physical, used to conduct UW related business, that connects to the UW System managed network and/or is used to access, manage, process, or store UW System data. Devices include endpoints purchased or obtained through UW-Madison and personally owned devices that are used to conduct the work of the university.
Continuous Diagnostic Matrix (CDM) Expectations Matrix (In Development)
UWSA 1042 Threat and Vulnerability Management Policy and Standards (This policy will be effective February 1, 2022)
UWSA 1036 Endpoint Protection Policy and Standards (TBA)
UWSA 1038 Network Protection Policy and Standards (TBA)