Policy

advertisement
Policy
Effective Date
July 21, 2004
Date of Last Revision
October 16, 2014
Chapter Name
Information Management
Chapter Number
Title
4.7
Electronic Report Retention
1.0 Purpose
The purpose of the electronic report retention policy is to document the amount of time that a report will be
viewable to those Eastern Michigan University (EMU) employees who require the information to perform their daily
responsibilities.
Individual departments are required to maintain necessary reports to meet federal/state regulations and auditor’s
requirements. Division of Information Technology (DoIT) will maintain the source data to meet mandated
requirements but will not archive the actual report format for the required period.
2.0 Scope
This policy applies only to reports which are generated from official university data sources and created as part of
production scheduling and execution, or delivered via electronic distributed printing system. The scope of this
policy does not include desktop applications or ad hoc reports by the user community.
3.0 Policy
DoIT will maintain output in the original report format for 30 days, unless a different timeframe has been agreed to
by DoIT and is documented on the DoIT Policy web site. DoIT will dispose of the output, once that timeframe has
lapsed, without notice to the end user community.
Exceptions to the standards will be requested by the Data Owner and approved by the Director, Enterprise
Operations with consultation of the Enterprise Resource and Planning (ERP) Business Operations Committee
(BOC).
Any retention requirements legal or otherwise beyond DoIT standards shall be the sole responsibility of the
department that owns or requested the report. DoIT does not guarantee the retention of output from test
environments.
4.0 Responsibility for Implementation
The Director of Enterprise Operations is responsible for the overall implementation of this policy.
5.0 Enforcement
Any employee found to violate federal or State of Michigan laws, EMU policies, procedures or standards of
conduct, will be subject to disciplinary action under University policy. Any student found to violate federal or State
of Michigan laws, EMU policies, procedures or standards of conduct, will be subject to disciplinary action under
EMU’s Student Code of Conduct. Any suspected violation of state or federal laws will be reported to the appropriate
legal authority for investigation.
The University reserves the right to protect its electronic resources from threats of immediate harm. This may
include activities such as disconnecting an offending computer system from the campus network, terminating a
running job on a computer system, or taking other action.
IT Policy
Form Version 3.0
Page 1 of 2
6.0 Definitions
Term
Data Owner
Ad hoc reports
Definition
Entity that can authorize or deny access to certain data, and is responsible for its
accuracy, integrity, and timeliness. For ERP modules, the Functional Security
Representative assumes the role of data owner.
Reports created without intervention from DoIT staff or services.
7.0 Revision History
Description
Gniewek/Rose Original request/proposed draft
Dorendorf Revised for new format; PRC revisions
Laundra Copyedited/proofed for upload
Policy Committee with modifications by L. Rose
Modifications by L. Rose
Policy Committee
CIO approval
IT Policy
Approval Date
July 21, 2004
April 25, 2006
May 2, 2006
May 1, 2014
September 19, 2014
October 16, 2014
October 18, 2014
Page 2 of 2
Download