UMMS Information Technology Procedures

UMMS Information Technology Procedures are a mandatory sequence of activities that must be followed to correctly perform a task.  In addition, they are designed to provide standards with the support structure and specific direction they require to be meaningful and effective.  The procedures below are applicable to all IT groups. 

Academic Technology:

• Password Management Procedure

Customer Service:

• Computer Procurement Procedure
• DocuSign 21 CFR Part 11 - Access Request Procedure
• Windows Build Procedure

Research Technology:

• AWS Access Management Procedure
• AWS Restore Procedure
• AWS Server Build Procedure
• DocuSign 21 CFR Part 11 - Access Review Procedure
• Patch Management Procedure - AWS

Engineering:

• Change Control Procedure
• Data Masking Procedure - Oracle
• Data Masking Procedure - SQL
• Root Cause Analysis Procedure

Infrastructure

• Access Review Procedure - Infoblox
• Adding WiFi Access Point Procedure
• Backup Data Destruction Procedure
• Creating a New Voicemail Box Procedure
• Data Center Access Daily and Weekly Review
• Data Retention and Backup Procedure
• Electronic Media Disposal Procedure
• Emergency Termination Procedure
• Firewall Hardening Procedure
• Information Technology Data Center Physical Site Security and Access Controls
• Infrastructure Services OnCall Procedure
• Iron Mountain Access Procedure
• IT Infrastructure Firewall Modification Procedure
• Manual Patching Procedure - Unix
• MoveIT - SLA
• MoveIT - SOP
• Multifactor Setup Procedure
• Network Device Access Procedure
• Remote Access Procedure
• Server Build Procedure - Linux
• Server Build Request Form
• Server Decommission Checklist
• Tape Vault Access Procedure
• Windows Server Build Procedure

Information Security

• Admin by Request Deployment Procedure
• Customer Account Recertification Procedure
• IAM Override Procedure
• JAMF Email Enrollment Procedure
• JAMF Third-Party Patching Procedure
• Log Analysis and Review Process
• Logging Agent Deployment Procedure
• Logging Agent Deployment Procedure - Linux
• Logging System Backup Procedure
• Non-UMMS User Account Request Procedure
• Patching Procedure - Windows
• Phishing Incident Response Procedure
• Risk Assessment Procedure
• Tenable Scanning Procedure
• Third Party Clinical Data Procedure
• Third-Party Vendors and Protected Health Information Procedure
• Web Application Scanning Procedure