BP.00.001 - Business Practice on Business Practices

Printable Version in PDF Format (Get Adobe Acrobat)

Table of Contents

History [top]

  • Business Practice Number: BP.00.001
  • Version: 2
  • Drafted By: Peter Mosinskis
  • Approved By: Michael Berman
  • Approval Date: 08/03/2010
  • Latest Revision Date: 11/13/2012

Purpose [top]

Describe the purpose and process for ITS Business Practices.

Background [top]

Formally, there are no policies at CSU Channel Islands other that those approved by the President's Council and published as part of the Channel Islands Administrative Manual at http://policy.csuci.edu/.  ITS as a division does not have the authority to create a Policy outside the formal campus process.  However, there is clearly the need for day-to-day guidance on many issues that may never be formalized as a campus policy.  In addition, policies can and should gloss over important implementation details that need to be documented.  ITS Business Practices have been created to address these needs.

Business Practice [top]

Accountability [top]

The VP for Information Technology Services is accountable for oversight of the ITS Business Practice Process.

Applicability [top]

All ITS employees.

Definition(s) [top]

For the purposes of this business practice, the following key terms are identified as follows:

  1. "Shall" and "must" are used in the imperative sense
  2. "May" is used in the permissive sense
  3. The use of the masculine gender includes the feminine, and vice versa

Throughout the business practice manual, unless otherwise defined by an individual business practice:

  1. "ITS" means Information Technology Services.
  2. "CMS" means Common Management System.
  3. "CFS" means Consolidated Finance System.
  4. "IDS" means intrusion detection system.
  5. "ISO" means Information Security Officer.
  6. "LMS" means Learning Management System.
  7. "VISC" means Virtual Information Security Center.
  8. "WCMS" means Web Content Management Systems.

Text [top]


A ITS Business Practice is a policy-like document that describes how ITS solves certain issues or assigns resources. A ITS Business Practice may be "promoted" to a policy if there is a legal or procedural need to do so, by following the standard campus approval process. ITS Business Practices may also supplement Policies, since a Policy really ought to be a "why" document, while a Business Practice is a "how" document. For consistency and simplicity, ITS Business Practices will be formatted using the same template as campus policies, but clearly labeled as business practices to avoid confusion. All ITS Business Practices will be reviewed by ITS Leadership, approved by the VP for Information Technology Services, and posted on the ITS Business Practice Website https://www.csuci.edu/its/policy/.

ITS Business Practices are organized by extending the numbering scheme for CSU Channel Islands Policies:

  • 00 -ITS General (extension of Policy numbering scheme)
  • 01 - Information Management
  • 02 - Technology Infrastructure
  • 03 - Technology Use
  • 04 - Information Security,Risk, Policy and Compliance

Deviation Authority Process

The VP for Information Technology Services may grant deviations from ITS Business Practices when legitimate business or academic needs require such deviations. Each person requesting a deviation from a ITS Business Practice should submit deviation requests in writing to the VP for Information Technology Services. Each deviation authorization will be transmitted in writing or by e-mail from the VP for Information Technology Services to the person requesting the deviation and will specifically cite the Business Practices from which deviations are authorized.

Exhibit(s) [top]

No exhibits have been associated with this business practice.

Assessment History [top]

DescriptionFrequencyRole Assigned
Review of business practice. Annual             Director of IT Strategy