 |
Longwood
University |
Policy 6112
END-USER APPLICATIONS SERVER
I. PURPOSE
The purpose of this policy is to establish guidelines for the use of web-based
applications on the end-user applications server.
II. DEFINITIONS
A. End-User Applications Server: This server provides a platform for applications developed by departments or offices at Longwood University other than Information and Instructional Technology Services (IITS), as well as turnkey applications purchased by University departments. The server will provide a platform for any server-side (NT/2000) web-based application. Applications containing sensitive data as defined by COV ITRM Standard SEC2002-01.1 may not be housed on this server.
B. In-house Developed Applications:
1. The application was developed in-house using commercial software such as spreadsheets, database systems, statistical packages, etc.
2. One or more employees to perform operations necessary to the conduct of university business use the application.
3. The department's use of the application is continuous and on going.
4. Information and Instructional Technology Services Technology (IITS) developed no portion of the application, nor is the application supported by IITS.C. Commercially Purchased Applications:
1. The application was purchased as a turnkey package from a commercial vendor.
2. The commercial package requires no programming modifications by IITS to meet the using department's needs. This does not preclude modification by the using department, which is then responsible for documenting such modification.
III. POLICY
University employees are encouraged to use server-based applications to enhance the effectiveness and efficiency of operations.
A. Vendor Documentation: Vendor documentation provided with commercial software packages such as spreadsheets and database systems is deemed sufficient for documenting the software in which application was developed, but is insufficient for documenting the application itself. For this reason, operating units are required to maintain written application-specific documentation to enable persons other than the developer or primary user to understand, operate, and maintain the application, should the developer(s) or primary user(s) be unavailable for any reason.
Documentation shall include an appropriate level of detail and is to be maintained on a schedule sufficient to keep it current with any significant changes in the application. The documentation shall be readily available at all times and must include, at a minimum, the following information:
1. The application's name and a brief description of its purpose.
2. Instructions on how to access the application.
3. Instructions on how to initiate or invoke the program. Specifically, which commands or series of commands are needed to initiate or run the programs associated with the application.
4. Instructions on how to exit the application.
5. A record which details the source(s) of data entered into the information system such as electronic downloads or data feeds, receipts, applications, revenue or expenditure documents, etc.
6. Samples of output documents such as forms, reports, and data entry screens.
7. Paper or independently accessible electronic copies of database file structures which should include the name of each field and the field type and length.
8. Paper or independently accessible electronic copies of program instructions.B. Support: The User is responsible for supporting the application. If assistance is required, IITS will provide "Best Effort" technical support. Continued support may be requested in writing by contacting the Software Support Services prioritization committee through User Support Services.
C. Approval: The area vice president in which the requester is assigned must approve all share requests.
D. Compliance with Acceptable Use: All applications and associated content are subject to the Longwood University Acceptable Use of Information Technology Resources and Systems policy.
IV. PROCEDURE
A. Departments shall:
1. Adhere to the Longwood University Acceptable Use policy.
2. Allow no software downloads to the applications server using the Longwood University network
3. Promote only Longwood University approved activities
4. Have "transfer-of-knowledge" plan in effect so somebody can effectively assume administrative duties once current team leaves or graduates.
5. Be considered the administrators of the applications. As administrators they are responsible for maintaining, supporting and debugging their applications.
6. Understand and accept the policy regarding the applications server.B. Information and Instructional Technology Servers shall:
1. Provide a secure location for the server.
2. Provide a clean and consistent power supply.
3. Protect the administrative system-level account.
4. Create a backup schedule and perform regular system backups (Backup media will be stored securely off-site).
5. Have technicians available in case of system emergencies.
6. Provide advance notice to users when performing system maintenance
7. Stay current with all OS and application level patches.
V. INTERPRETATION
Interpretation of this policy rests with the President and is generally delegated to the Chief Information Officer.
Approved by the Board of Visitors, September 7, 2002.
Back to the Table of Contents
Next Policy