Fayetteville Policies and Procedures: Policies Update

As previously reported, the Division of Finance and Administration will continue to issue certain policy updates over the coming weeks. Two of the below polices are revisions to existing policy while the others are a subset of new policies to supplement existing Information Technology policies.

1. FPP 301.2 Customer / Sponsor Receivables and Billing / Invoicing - administrative changes related to Workday transition
2. FPP 313.3 University Equipment - Clarifies what items are subject to policy; clarifies that policy is relevant regardless of funding source; defines the department's responsibility for oversight and control of all equipment in each unit; reinforces units' responsibility for reporting loss or theft; Workday reporting requirements for equipment being used on an off-campus location; responsibility of units with respect to inventory taking.
3. The remainder of the policies (900 Series) are new Information Technology policies that have been created to bring us in line with National Institute of Standards and Technology - NIST. 

• FPP 912.0 Highly Sensitive Data Clean Desk and Clear Screen policy - Describes required practices for protection of highly sensitive data in various media
• FPP 924.0 Data Disposal - Guidance for secure disposal of data no longer needed for university purposes
• FPP 925.0 Backup and Recovery Systems - Guidance to ensure university data and systems are backed up and recoverable
• FPP 933.0 Antivirus and Anti-Spyware Requirements and Virus Reporting - Sets minimum standards for antivirus protection for devices connected to the university network
• FPP 936.0 Mobile Device Security - Sets requirements for use of mobile technology to access sensitive university systems and data