Computer Hardware, Software and Services Standards
Administering Office: Information Technology
Revised: September, 2007
Approved by Executive Council: September 22, 2008
The objective of this policy is to bring a systematic approach to the acquisition,
security, utilization, maintenance, and disposition of desktop/laptop computer and
server equipment and software used by the administration, faculty, and students at
Western Carolina University.
Computers and related software and peripherals purchased by the University, will be
managed and maintained by the University. Individual users may not install software
or physical devices that prevent appropriate University personnel from accessing the
equipment or software to conduct management or maintenance functions. The University
may install software on university-purchased PCs or personal PCs connected to the
campus network to do remote management and maintenance of computers and to protect
the computers from viruses, malicious software (“malware” and spyware), etc. The Information
Technology Division has overall responsibility for the acquisition, maintenance and
inventory control of the University standard-compliant information technology.
Offices wanting to purchase and implement local server-based systems must develop
a Service Level of Agreement (SLA) with the Information Technology Division that specifies
the responsibilities of both parties in the implementation and maintenance of the
system. The SLA must be signed by both the appropriate Dean or Vice Chancellor and
the Chief Information Officer.
To accommodate varying needs in instruction and research computing, while avoiding
excessive variability in equipment and software, academic computing purchases shall
be standardized on the Windows and Macintosh operating systems. Determination of which
system to choose shall be dependent upon the defined use. Information Technology will
establish a limited list of standard hardware configurations that must be used by
University faculty and staff, unless a departmental request for deviation from the
standard has been approved by the Office of the CIO.
University desktop/laptop computer programs shall be standardized on selected vendor
software packages (i.e., spreadsheet, word processing, antivirus, and antimalware,
etc). When required to submit a document as a computer file to another University
department or person, the department or person who submits the file is responsible
for providing it in the standardized format. A Windows-based application should be
used for administrative purposes if a compatible cross-platform version does not exist.
Information Technology shall develop or revise the list of approved vendor hardware
and software packages in the spring of each year with the advice of the appropriate
Information Technology advisory committees. This list will be submitted to the Information
Technology Policy Council for approval. The list will be published on the University’s
Information Technology web page.
Purchases of desktop/laptop computers, servers, disk drives, printers, and other external
computer peripheral devices by Western Carolina University departments and offices
must be accompanied by purchase and installation of security devices and software
that effectively prevent theft of the equipment. Information Technology and Purchasing
Office personnel will assist departments in identifying and procuring appropriate
security methods for the equipment being acquired. Budgetary responsibility for purchase
and installation of these security methods will reside with the University department
acquiring the equipment.
Exceptions to this policy may be made for equipment whose value does not exceed $250,
if the equipment is meant to be portable, or if the user department and the Director
of University Police judge that the equipment's location will be sufficiently protected
to minimize the risk of theft.
SOFTWARE LICENSE MANAGEMENT
All software products purchased with university-controlled funds shall have proof
of license on file with the department ordering it. Information shall include product
identification, license number, date of purchase, and user. Departments must maintain
such records for software installed locally on computers under their control. Information
Technology must maintain such records for software installed to run on the central
computer system or from network servers managed by Information Technology or for site
licensed software. This step will provide information to the University on its software
assets and license obligations. Information Technology, with assistance from Legal
Counsel, shall disseminate information concerning copyright and license responsibilities
to desktop/laptop computer software users.
Information Technology is responsible for maintaining standards-compliant software
and hardware. Departments purchasing non-standard hardware or software are responsible
for its maintenance. Users shall be responsible for maintaining a backup copy of their
software products (license permitting), applications, and data files. Desktop/laptop
computer and server-based applications developed by a department rather than by the
Information Technology shall be the responsibility of the department.
Desktop/laptop computer and server-based operations critical to the mission of the
University shall have a Disaster Recovery Plan. The responsibility for identifying
desktop/laptop computer operations critical to the mission of the University and insuring
that a Disaster Recovery Plan for that operation exists rests with the responsible
Vice Chancellor. The responsible Vice Chancellor will also report the Disaster Recovery
Plan to the University Internal Auditor for inclusion in the University Disaster Recovery
REPLACEMENT AND DISPOSITION
Information Technology will annually publish an obsolescence schedule, giving at least
a one year’s notice as to what software or hardware will no longer be supported by
Information Technology. Once software or hardware reaches that cutoff date, it will
be replaced by Information Technology if the software or hardware is their responsibility.
If it is not, Information Technology will not be obligated to provide support for
it. Software or hardware replaced by Information Technology may not be retained by
the department, but must be turned over to Information Technology for disposal. The
user is responsible for removing any data from a desktop/laptop computer before it
is replaced. Disk drives from replaced desktop/laptop computers will be physically
destroyed by Information Technology before they are surplused.