Information Security and Disaster Recovery Advisory Committee Charge and Membership

Charge: 

The Information Security Advisory Committee is a senior level advisory committee to the ITESC responsible for reviewing, developing and prioritizing information security policies and procedures regarding access to district data, including research sensitive information, consistent with relevant federal and state legislation, district business and academic information security policies and procedures; shall help facilitate internal and external communications regarding the use and access of district data.

  • Identify emerging managerial, technical, administrative, and physical safeguard issues relative to information security and privacy
  • review and recommend policies and standards for minimizing risks to the integrity, confidentiality and availability of information in accordance with applicable laws, policies and best practices
  • provide guidance and support to the College Information Security Officer for the implementation and maintenance of the Information Security Program
  • Recommend a framework to develop and align information security strategies with MCC’s mission and objectives, including, applicable laws and regulations, requirements, and monitoring compliance assessment.
  • Recommend a framework to develop and align information security strategies with MCC’s mission and objectives, including, applicable laws and regulations, requirements, and monitoring compliance assessment.
  • Development and maintenance of security controls and configurations within systems
  • Definition of devices that control traffic moving into and out of the internal network

Members:

  • Chair: Director of Computer Services – Gary Schieber
  • Campus Police Representative – John Moyer
  • Facilities Representative – Alan Olson
  • Faculty Representative – Melissa Napper
  • From Audit:
    • Computer Services Manager
      • Since we do not have this right now I would propose the following
        • Network Representative – Jennifer Swafford
        • Server Representative – Doug Fox
        • DBA Representative – Kevin Burke
    • Project Manager – Melissa Marr
    • Application Manager
      • Since we do not have this right now I would propose the following
        • PeopleSoft Development – Melinda Sportsman
        • Application Development – Quentin Ochieng
    • End User Services Manager
      • Since we do not have this right now I would propose the following
        • Larry Lanning

Information_Security_Advisory_Committee_Charge

Data Quality Committee Charge and Membership

Rationale for Creation of Data Quality Committee

  • No district data dictionary of available data fields and definitions exists
  • There is inaccurate, inconsistent, and incomplete data and data reports
  • There is a lack of communication method for informing users when a data field changes or when it has been discontinued
  • Some instances of duplicate data occurs as well as lack of data collection
  • Shadow databases are being kept that cannot be shared and have issues of data security
  • Collection and reporting of data is sometimes duplicated and takes longer than it should
  • Some data is not trustworthy
  • There is a lack of access to official data sources

 Charge

  1. To be consistent in our approach, designation and governance of data, metadata, and the information base of business processes
  2. To provide data definitions and processes which are consistent, uniform and accurate for reporting and analyses
  3. To provide a framework which ensures data are captured accurately and consistently to maximize clarity of common usage allowing management to make informed and timely decisions

Institutional research (IR) has the responsibility for the vast majority of official internal and external information requests and will therefore lead this effort.  IR will be assisted by the full support and participation of representatives from Informational Technology, Enrollment Services, and key functional units and areas throughout the district.

This cross functional committee will serve as a decision-making body to resolve data issues and establish interdependent data usage and definitions for the proper handling and interpretation of institutional data.  These definitions will be stored in a data dictionary which will contain details of each element from a technical and functional perspective.  The committee will serve as a common ground to communicate and coordinate data related issues and will make recommendations to senior administration regarding significant issues that have broad implications.

Tasks

  1. Review data requirements district wide
  2. Develop a data dictionary
  3. Facilitate data cleanup and auditing, and correct existing data quality problems
  4. Examine business practices related to the collection and recording of data
  5. Establish a data custodian for every piece of information that is collected and make that custodian responsible for data quality

The Data Quality Committee will be an ongoing committee and will report directly to the Vice Chancellor of Academic Affairs and Technology.  Members to the committee will be appointed by the Vice Chancellor with consultation from appropriate department supervisors or governance leaders.

Data Quality Committee

  1. Kristy Bishop, Institutional Research and Assessment, Chair
  2. Kathy Hale, Enrollment Services
  3. Karen Goos, Associate Dean, BR
  4. Patricia Amick, Administrative Services
  5. Kim Luken, Accounting Faculty, MW
  6. Melissa Marr, IT Project Manager
  7. Karen Moore, Dean, BTC
  8. Carlton Fowler, Enrollment Manager, PV
  9. David Gann, CTE Program Coordinator, LV
  10. Christina McGee, Human Resources
  11. Dena Norris, Financial Aid
  12. Todd Martin, Biology Faculty, BR
  13. Sydney Beeler, Student Development

Bibliography

What is Quality Data?  Accuracy, Integrity, Consistency, Completeness, Validity, Timeliness, Accessibility (Rome & Moore, 2004).  Rome, J. & Moore, S.  (2004).  Dealing with Data Quality:  How a Data Warehouse Can Help.  Arizone State University.  Presentation at CUMREC.

“The business costs of non-quality data including irrecoverable costs, rework of products or services, workarounds, and lost and missed revenue may be as high as 10 to 25 percent of revenue or total budget of an organization”  (English, 1999).

http://net.educause.edu/ir/library/pdf/eqm0110.pdf – Quality Data – An Improbable Dream?

Data Quality Committee Charge

Project Review Board Charge and Membership

Charge: 

The project review board has the responsibility for reviewing and prioritizing all work requests that are presented to IT for application review, installation, development, enhancement or customization. This group will use a standard scoring method and risk/reward chart to evaluate requests.

  • Periodically review entire project portfolio for changes in scope, timeline or resources
  • Provide review of overall active and upcoming project portfolio, project scoring and ranking to ITESC
  • Periodically review and evaluate project requests based on the developed scoring guide
  • Provide assistance to project sponsor in completion of project request document as necessary

Members:

  • Chair: IT Project Manager, Melissa Marr
  • Director of Computer Services, Gary Schieber
  • Director of Student Financial Services, Dena Norris
  • Interim Director of Enrollment Services, Jen Saab
  • Director of Administrative Systems and Management, Patricia Amick
  • Director of Career Education, Tristan Londre

Project_Review_Board_Charge

Architecture Review Board Charge and Membership

Charge: 

  • Addresses information technology architecture issues and provides policy, standards, guidelines, or procedural recommendations to the IT Executive Steering Committee (ITESC)
  • Initiates and recommends specifications for district-wide  Information Technology Architecture specifications
  • Reviews proposed programs and projects and makes recommendations regarding their compliance with technical architecture standards
  • Review exception requests to technical architecture standards and make recommendations to IT Executive Steering Committee (ITESC)
  • Review Proposed changes to the architecture, reviewing IT trends, strategies and activities and make recommendations to IT Executive Steering Committee (ITESC)
  • Review and make recommendations to the IT Executive Steering Committee (ITESC) on IT risk management, regulatory compliance and business continuity

IT actions requiring ARB review and approval include any plan, implementation, or production change that is outside the currently approved IT Architecture, including:

  • New IT products requested or intended for purchase
  • Products to be tested for probable use in the production environment that would move to the “Candidate” category
  • Products proposed for moving from “Candidate” to “Supported” or “Preferred”
  • Decommissioning of supported or preferred technologies
  • Projects creating new systems
  • Projects integrating one or more previously identified “enterprise” services or systems.
  • Will cause a significant modification to an existing IT system, application, or service

Members:

  • Chair: Director of Computer Services – Gary Schieber
  • From Audit:
    • Computer Services Manager
      • Since we do not have this right now I would propose the following
        • Network Representative – Jennifer Swafford
        • Server Representative – Doug Fox
        • DBA Representative – Kevin Burke
    • Project Manager – Melissa Marr
    • Application Manager
      • Since we do not have this right now I would propose the following
        • PeopleSoft Development – Melinda Sportsman
        • Application Development – Quentin Ochieng
    • End User Services Manager
      • Since we do not have this right now I would propose the following
        • Larry Lanning
  • Facilities Rep-Alan Olson

Architecture_Review_Board_Charge