The purpose of this policy is to establish a University wide information technology (IT) systems development life cycle to offer consistency and structure to the IT systems development process and to ensure that security is considered throughout an IT system's development.
Systems Development Life Cycle (SDLC): The SDLC is a process for developing IT systems that offers consistency and structure in the progression of an IT system from concept to implementation to disposition.
Consideration of Security in the SDLC: Security will be integrated into each phase of the SDLC. An IT System Security Plan will be updated and maintained throughout the life cycle of an IT system.
The University regards any violation of this policy as a serious offense. Violators of this policy are subject to disciplinary action, in addition to possible cancellation of IT resources and systems access privileges. Users of IT resources and systems at Longwood are subject to all applicable local, state and federal statutes. This policy does not preclude prosecution of criminal and civil cases under relevant local, state, federal and international laws and regulations.
Approved by the Board of Visitors, December 5, 2008.