September 24, 2024

  • 11.1 Signature Authority:  This existing policy has been updated to increase the delegates’ signature limit from $75,000 to $150,000 (to reflect the recent increase to the competitive solicitation threshold) and to update delegate's titles.  For more information, please contact Wendi Appelbaum, Associate General Counsel (wappelbaum@simplykimberly.com).
  • 11.2 Legal Review of Procurement Contracts:  This is a new policy to provide a clear framework to the University community regarding when legal review of Procurement Contracts is required by the University’s Office of the General Counsel (“OGC”), and when templates and/or addenda may be used instead.  As the University grows, OGC aims to streamline its processes. Currently, all procurement contracts are sent to OGC for review, regardless of the purchase cost, item/service, or document type.  This new policy aims to prioritize the review of procurement contracts which have been determined to be a greater risk to the University (e.g., exchange of confidential data, intellectual property, are a high cost, etc.), and simplifying the review of more standard/lower risk purchases (e.g., lower cost, PO terms are used, renewals, etc.).  For more information, please contact Wendi Appelbaum, Associate General Counsel (wappelbaum@simplykimberly.com). 
  • 12.7 System and Data Classifications:  This existing policy was updated to add a definition of Level 1 Biometric Information and to add broad categories of Highly Sensitive Information, Sensitive information, Security-related Information, and Non-sensitive Information that can be referenced in other policies.  For more information, please contact James Cooley, Chief Information Security Officer (jcooley2@simplykimberly.com).
  • 12.10 Information Security Policies:  This existing policy was updated to clarify that the Chief Information Officer (CIO) is the final approver of IT security policies and internal operational policies under the guidance of the IT Compliance Committee and the Chief Information Security Officer (CISO) and to differentiate between University IT policies that involve shared authority.  For more information, please contact James Cooley, Chief Information Security Officer (jcooley2@simplykimberly.com).
  • 12.11 Information Security Roles and Responsibilities: This existing policy was updated to formalize requirements from updated BOG and federal regulations regarding the roles of the CIO and the CISO and to add an end user responsibility to report security incidents.  For more information, please contact James Cooley, Chief Information Security Officer (jcooley2@simplykimberly.com).
  • 12.14 Exceptions to Technology Policies:  This is a new policy that formally defines the types of exceptions to information technology policies that may be approved.  Exceptions may be limited, short-term or emergency exceptions (up to 30 days), or ongoing exceptions (up to one year).  For more information, please contact James Cooley, Chief Information Security Officer (jcooley2@simplykimberly.com).
  • 12.15 Storage of Electronic Records:  This is a new policy that outlines the parameters for the storage of electronic records, including student data, University records, and employee data. For more information, please contact James Cooley, Chief Information Security Officer (jcooley2@simplykimberly.com).
  • 12.16 Artificial Intelligence (AI):  This is a new policy to provide guidance on the use of AI for university operations and instructional and academic use.  For more information, please contact James Cooley, Chief Information Security Officer (jcooley2@simplykimberly.com)