September University Distribution Reminder, SYS Policy Action Summary & FY 2025 Q2 SYS Policy Preview

As a reminder, the September university policy distribution contains five (5) revised policies, one (1) new policy and one (1) new procedure.

Revised Policies:

• SYS 121, Professional Licensure and Occupational Certification Programs: Determining Student Location
•  SYS 1037, Information Security: IT Disaster Recovery
• SYS 1275, Recruitment Policies
•  SYS 1310, Copyrightable Materials Ownership, Use, and Control
• SYS 1315, Patents and Inventions*

DRAFT REVISED POLICY

SYS 121, Professional Licensure and Occupational Certification Programs: Determining Student Location

These policy revisions will be effective upon signature by the President.

Summary of Policy and Policy Revisions

• In accordance with federal regulations, universities are required to disclose state-specific professional licensure and occupational certification information to students or prospective students based on the state in which a student is located. This policy is necessary to provide a general structure under which universities shall determine a student’s location. Adherence to federal regulations is a condition of Title IV eligibility. The following policy revisions were made:
  • Updated the policy title to include “and Occupational Certification.”
  • Throughout the policy, language was updated to reflect the current state of the regulation, as the policy was originally drafted when the regulations were new.
  • Throughout the policy, replaced the term “institutions” with “universities.”
  • Throughout the policy, replaced “professional licensure” and “professional or occupational licensure” with “professional licensure and occupational certification.”
  • In Section 5, a definition for “Time of Enrollment” was added.
  • In Section 5, the definitions of “Location” and “Professional Licensure or Certification Program” were revised and expanded upon.

DRAFT REVISED POLICY

SYS 1037, Information Security: IT Disaster Recovery

These revisions will become effective 6 months after signature by the President.

Summary of Policy and Policy Revisions

• This policy establishes the minimum requirements for Information Technology (IT) Disaster Recovery (DR) efforts for University of Wisconsin (UW) institutions and is designed to assist in executing recovery processes in response to a disaster or significant IT disruption. The following revisions were made to the policy:
  • Specific elements required for institutions to incorporate into their IT DR plans have been moved into an accompanying Standard. These elements were further grouped and additional context provided to assist institutions in interpretation.
  • Added a requirement to review and update IT DR plans annually to reflect changes in technology and business requirements
  • Adjusted specific requirements related to frequency, validation, and testing of IT backups for High Impact Systems. This includes:
    • Requiring all High Impact Systems to be backed up in alignment with the institutional operational needs and Recovery Point Objectives, not to exceed 28 days.
    • Verification of backups for High Impact Systems on a quarterly basis to ensure no data has been missed during the backup process
    • A recommendation to perform full recovery tests for each High Impact System on an annual basis to ensure backup and recovery processes work as intended
  • Added a requirement to document all backup and testing activities
  • Added a requirement to evaluate, upon activation of the IT DR plan, the effectiveness of the institution’s recovery efforts and update DR plans to address any gaps or weaknesses identified.
  • General enhancements to policy purpose and background to reflect the importance of IT DR efforts
  • Updated formatting and layout of the policy

The following resources were used to inform these revisions:

• Interim campus and stakeholder feedback
• Recommendations and observations resulting from a 2022 Internal Audit of Information Technology Disaster Recovery processes throughout UW System.
• 2021 IS Actions Memo, Disaster Recovery Effort (Now Rescinded)
• NIST Cybersecurity Framework 2.0, specifically IT Disaster Recovery components spread across several areas of the framework, particularly under the “Recovery” function.
• NIST SP 800-171, which outlines specific requirements related to IT DR within the broader context of protecting data on non-federal systems

DRAFT REVISED POLICY

SYS 1275, Recruitment Policies

These policy revisions will be effective upon signature by the President.

Summary of Policy and Policy Revisions

• This update makes revisions to the following policy sections:
  • Section 6.B changes the required questions for the final candidate to instead require a mandatory review of the candidate’s personnel file for any previous state or UWS employment.
  • Section 6.C is updated to update the number of reference checks required and to specify that reference checks will be completed by the new automated reference checking system.  It also specifies when the reference check process may be waived.
  • Section 6.D is updated to replace human reference questioning with a personnel file review.
  • Section 6.E is eliminated.
  • Appendix 2 is updated to be consistent with the new policy requirements.
  • Appendix 3 is eliminated.
  • Appendix 4 is updated to be consistent with the new reference check criteria established in the previous update, and to reflect the use and functionality of the new automated reference checking process.

DRAFT REVISED POLICY

SYS 1310, Copyrightable Materials Ownership, Use, and Control

This policy will be effective upon approval by the President.  

Summary of Policy and Policy Revisions

• The purpose of this policy is to clearly define copyright ownership for the faculty, staff, students, and affiliates who use the UW system’s facilities or act under contract with the Board of Regents of the University of Wisconsin System. The policy recognizes and codifies the System’s longstanding commitment to the academic tradition of assigning copyrights to the creators of scholarly, academic, and artistic works.
  • The policy has been updated throughout to fit current UWSA formatting standards and template. This included the addition of Section 1. Policy Purpose, Section 2. Responsible UW System Officers, Section 3. Scope and Institutional Responsibilities, Section 5. Definitions, Section 7. Related Documents, Section 8. Policy History, and Section 9. Scheduled Review.
  • In the title, removed the word “Instructions.”
  • Section 4 has been shortened to provide a brief history of the need for this policy and to unify the language of the SYS 1300 series policies.
  • Section 6.A has been redefined to determine copyright ownership based on category of work and no longer the type of material.
  • Section 6.B now discusses conditions of copyright transfer, and the policy no longer lays out developmental conditions for copyrightable instructional materials.
  • Section 6.C now lays out a standard for copyright ownership of jointly authored works.
  • Section 6.D was added to include the following definitions for Institutional Work:
    • Disposition: UW System units most closely associated with the authorship of Institutional Work may authorize use of the work. The disposition of Institutional Work within the UW System shall be managed by the president, chancellor, or designee.
    • Notice and Registration: Institutional Work that is registered with the U.S. Copyright Office or that includes a copyright notice should identify “The Board of Regents of the University of Wisconsin System” as the copyright owner.
    • Release of Institutional Rights: Authors of Institutional Works may request that the UW System transfer ownership to the Author. The UW System institution where the work is created may release its rights in copyrighted works to the As of 09/18/2024 Author(s) via a written agreement upon a determination that the transfer will not 1) conflict with an obligation to a Sponsor or third party; 2) violate any legal obligations of or to the UW System or Institution; 3) limit appropriate UW System use of the materials; 4) create an unmanageable conflict of interest for the Author; or 5) otherwise conflict with the UW System institution’s goals or principles.
  • Section 6.E was added to lay out terms in which UW System may license uses of or transfer copyright in an Institutional Work or to acquire copyrights.
• See the Frequently Asked Questions- SYS 1310, Copyrightable Materials Ownership, Use, and Control page for more information on the purpose of the proposed changes and additional clarification.

DRAFT REVISED POLICY

SYS 1315, Patents and Inventions

This policy will become effective upon signature by the President.  

Summary of Policy and Policy Revisions

• The purpose of this policy is to establish the applicable UW System policies with respect to inventions and outline the responsibilities, privileges, and options of faculty, staff, and students when they have made an invention.
  • Number schematics were updated to reflect the current standardized template used for UW System Administrative policies.
  • Throughout the policy, references to SYS 346 were updated to SYS 1315.
  • In the second paragraph of section 6.A, language was updated to reflect that researchers have multiple options to disclose intellectual property they feel has potential commercial value.
    • “at their option…”
  • In section 7, references to SYS 190 were updated to SYS 1305.
  • In section 7, references to SYS 191 were updated to SYS 1310.

NEW DRAFT POLICY

SYS 650, Public Records Management Roles & Responsibilities

This policy will be effective July 1, 2025.

Summary of Policy and Policy Revisions

• To maintain accountability and to preserve the trust the public and students place in UW System, records must be maintained legally and ethically as evidence of our work, decisions, and behavior. Like all state agencies, UW System must adhere to Wis. Stat. § 16.61, which governs the length of time public records must be kept and how these records must be disposed of or transferred to university archives. Unauthorized disclosure, alteration, or destruction of records constitutes a serious breach of public trust and risks legal and reputational harm to UW System. This policy outlines the roles and responsibilities for the proper management, disposition, and preservation of UW System records in order to comply with these requirements.
• Per Wis. Stat. § 16.61, all employees of the state of Wisconsin are obligated to manage records according to records schedules approved by the Wisconsin Public Records Board. However, most employees are unaware of the records schedules that apply to their records, and therefore are not in compliance with this obligation. The key requirement of this policy is for units to create, maintain, and adhere to a unit records management plan. The unit records management plan:
  • Identifies the types of records created and managed by their staff and all associated records schedules. o Identifies how those types of records are organized and ensures that all pertinent records are stored centrally instead of on individual drives, devices, or accounts.
• After initial creation, employees will have unit records management plans available for their use which will increase awareness and overall compliance with records management obligations. It will also significantly decrease the time and effort of each individual employee to meet these obligations. Records management plans will help to secure records by identifying those records that require additional protections due to containing personally identifiable or other confidential information required by statute. Records management plans will also be greatly useful with preserving records management functions with staff turnover.

DRAFT NEW PROCEDURE

SYS 1037.A, Information Security: IT Disaster Recovery Plan Standard

This procedure will become effective 6 months after signature by the President.

Summary of Procedure

• As part of the revision to SYS 1037, Information Security: IT Disaster Recovery, this procedure has been added to accompany the policy that focuses solely on elements that institutions are required to include in their IT Disaster Recovery Plans.
• Please see the SYS 1037, Information Security: IT Disaster Recovery summary for further information.

September Policy Action Summary

Please see the September 2024 Policy Action Summary pdf document. It details policy work completed between September 6 and October 4, 2024. There was one (1) revised UW System Administrative Procedure, and three (3) new UW System Administrative Interim Policy Actions.

One (1) Revised UW System Administrative Procedure

• SYS 102.A, New Academic Degree Programs, Changes to Academic Degree Programs, and Additional SYS 102 Items 

Three (3) New UW System Administrative Interim Policy Actions

• SYS 100-10, Interim: Institutional Statements
• SYS 1200-13, Interim: University Staff and Draft Workers Vacation, Paid Leave Banks, and Vacation Payouts
• SYS 1200-14, Interim: University Staff Personal Holiday and Legal Holiday Administration 

FY 2025 Second Quarter SYS Policy Preview

Please see the FY 2025 Q2 SYS Policy Preview pdf document. It details the policy work anticipated between October and December 2024, including policies and procedures to be distributed to universities, as well as policies and procedures that are anticipated to be approved by the President.