Information Technology Infrastructure, Architecture and Ongoing Operations

I. SCOPE

This policy applies to all academic and operational departments and offices at all George Mason University (Mason) locations owned and leased.  The policies and procedures provided herein apply to all University faculty, staff, students, visitors and contractors.

II. POLICY STATEMENT

It is critically important that the University’s information technology (IT) infrastructure, architecture, and ongoing operations support the mission of the institution.  To help ensure this need is met, decisions affecting these areas must reflect standards, guidelines, and practices found to be effective in the higher education environment.  This policy establishes the nationally recognized codes of practice with which the University aligns its IT infrastructure, architecture, and ongoing operations.

The University establishes specific standards and guidelines that should influence decisions affecting key components of its IT infrastructure, architecture and operations.  These standards and guidelines align with industry best practices, appropriately tailored for the specific circumstances of the University, as described by EDUCAUSE, Internet2, and other nationally recognized resources related to the higher education environment.  The establishment of standards is not intended to inhibit research or other institutional endeavors that by their nature may require the use of cutting-edge technology not yet appropriate for normal use.  The ultimate goal is to create logical relationships between information technology resources and the mission of the University and its units.  In cases where the unique nature of a department’s or a researcher’s requirements is in conflict with a stated standard, there will be cooperative efforts to provide a solution that is compliant, compatible and practical.

This policy applies to all university information technology, whether owned and operated by the university, or used for university business through contractual arrangements.

Information Technology policies, standards and guidelines are posted at http://itservices.gmu.edu/policies/.  When decisions are made regarding IT infrastructure, architecture and ongoing operations, the decision maker should consult this information for guidance.

III. DEFINITIONS

The following organizations and workgroups represent a sampling of higher education sources for IT best practices and evolving trends.

The Campus Cyberinfrastructure (ACTI-CCI) Working Group of Educause helps educational institutions develop institutional strategies and plan their resource deployment in this emerging and evolving technological landscape and helps their users harness and optimize the power and capabilities of new integrated IT tools and systems for educational and research applications in higher education.

EDUCAUSE is a nonprofit association dedicated to the advancement of higher education through the effective use of information technology.  Members include representatives from institutions of higher education, higher education technology companies, and other related organizations.

Internet2 develops and deploys advanced network applications and technologies for research and higher education, accelerating the creation of tomorrow’s Internet.

The Postsecondary Electronic Standards Council is a non-profit association of colleges and universities; professional and commercial organizations; data, software and service providers; and state and federal government agencies.

Virginia Alliance for Secure Computing and Networking (VA SCAN) – VA SCAN was formed to help strengthen information technology security programs within Virginia.  The Alliance was organized and is operated by security practitioners and researchers from several Virginia higher education institutions, including George Mason University, which was one of the four founders of the organization.

IV. RESPONSIBILITIES

The Vice President of Information Technology and CIO, along with the Executive Director, ITS Strategic Business Operations will maintain the framework for infrastructure, architecture and ongoing operations, along with the standards and guidelines through an annual review and update process.

V. OTHER INFORMATION

The Commonwealth of Virginia Restructured Higher Education Financial and Administrative Operations Act, Code of Virginia Section 23.1-1000 et seq., as amended grants institutions additional authority over financial and administrative operations, on condition that certain commitments to the Commonwealth are met.  The Act furthermore allows institutions of higher education to enter into a memorandum of understanding with the appropriate Cabinet Secretary or Secretaries, for additional operating authority in two of the following three areas:  information technology, procurement, and capital projects (Higher Education Restructuring Level II).

The university’s memorandum of understanding with the Commonwealth provides full delegated responsibility for management of the institution’s information technology infrastructure, architecture and ongoing operations.  This delegation includes the authority to conduct these activities in accordance with industry best practices appropriately tailored for the specific circumstances of the University, in lieu of following Commonwealth-determined specifications.  This policy documents the industry best practices with which the University will align its infrastructure, architecture and ongoing operations.

VI. COMPLIANCE

Any changes, modifications or revisions to policies related to the governance of the University’s Information Technology Infrastructure, Architecture, and Ongoing Operations will be reviewed in light of the latest versions of the standards and guidelines upon which these key components are based.  Any changes, modifications or revisions to systems dependent upon the University’s Information Technology Infrastructure, Architecture, and Ongoing Operations will be required to be compatible with the published standards and guidelines.

An overview of the framework for infrastructure, architecture and ongoing operations, along with the standards and guidelines located at http://itservices.gmu.edu/policies/ will be reviewed and updated on an annual basis.

VII. EFFECTIVE DATE AND APPROVAL

The policies herein are effective October 20, 2008.  This Administrative Policy shall be reviewed and revised, if necessary, annually to become effective at the beginning of the University’s fiscal year, unless otherwise noted.

Date of most recent review: December 15, 2020

Approved:

__/S_____________________
Maurice W. Scherrens
Senior Vice President

__/S______________________
Peter N. Stearns
Provost

Date approved: October 31, 2008

Revised: January 30, 2013

Revised: November 15, 2017