Guidelines, best practices & advice for UW–Madison IT professionals

Each department or discipline has a unique culture, requiring a unique approach to delivering IT services and support. Take time to understand the unit you are working in. Understand where your unit fits into the campus organization and what motivates your people.
Develop relationships with key people in your unit and related groups to understand your people better.

• Consider groups or demographics that aren’t currently visible in your interactions. Actively involve underrepresented groups to ensure inclusivity in your service design and to uncover potential biases in the services and technologies you endorse.
• Each unit facet – administration, teaching, service, and research – will have its own needs and priorities. Consider meeting with each group in your unit regularly, perhaps annually or semi-annually.
• Let people’s needs drive the solutions as much as possible while operating within the standards and policies that apply to a given situation. Help find and use IT solutions to those needs while considering best practices, cost, policy, technology trends, etc.
• Be relevant to your people. Spend time with them. Don’t assume you know. Learn their goals and priorities.
• Understand their timeline, their deadlines, and the lifecycle of their work. If you don’t know, ask.
• Remote support has become increasingly important in managing a modern workforce. Many of your colleagues work remotely. Avail yourself of the available tools in your unit to provide remote support and set people’s expectations about how and when they can receive support.

Your communications should be transparent, timely, deliberate and understandable.

• Practice transparency. Communicate the choices you are making clearly. Provide rationales.
• Some people prefer frequent updates on the status of their IT requests. Even if you don’t have an answer, you could tell them you are still working on their request.
• Plan your communication strategy before you need it. Develop contact lists. Tell people where to find information and get status updates and outage information.
• Be aware of available communication channels such as in-person meetings, email, chat or social media. Choose appropriate channels for your message and audience. Consider channels you haven’t used before.
• Understand your audience. Plan your communications and review them from the recipient’s point of view.

Help your management and users understand how IT works in your unit. The process of selecting and delivering IT services and support in your unit may be much more relevant than the details of the technology.

• Communicate with your management/leadership and users. Both groups depend on you to understand and deliver IT services or support. Be prepared to explain the underlying rationale.
• Don’t assume that people understand the process. Don’t assume that you understand the process. Examples:
  • How are decisions made? By whom?
  • Why are certain things necessary?
  • What are the available options?
  • Why are some things more efficient and effective than others?
  • Why do some things take more time than others?
• Explain in terms your audience will understand.
  • Know your audience. They are not monolithic, and their needs will change and evolve.
  • Avoid jargon and acronyms unless you are sure the audience knows what they mean. Consider signing up for plain language training.
  • Be patient and understanding.
• Document procedures and decisions, especially if people have similar questions and issues. Make the documents easy to find and communicate where people can find relevant documents.

Change management involves more than technical changes. The impact on people requires attention throughout the process.

• Fully understand the risks of how making (or not making) changes can positively or negatively affect your professional relationships. Seek advice from your colleagues who have performed similar changes on how to engage with your stakeholders.
• Whenever possible, inform people who will be affected before you change something. Provide as much lead time as possible.
• Make sure people understand the implications of the change. The possible consequences of the change might not be obvious to them.
• Be sure you are authorized before you make changes to computers, devices or applications. Authorization can take many forms, which may vary among the people and units you support. For example, you could have an ongoing blanket authorization to make necessary changes or a specific authorization to make a single change.
• Protect data before making changes. It may not be enough to rely on routine backups. Sometimes, you must use more specific protection.
• In an emergency that requires immediate changes, inform users as soon as possible afterward.

IT professionals regularly see and work with sensitive or personal information. Elevated privileges to systems or applications may expose you to information you would not otherwise have access to.

• Respect confidentiality and privacy when encountering sensitive or personal information during work.
• Don’t deliberately access data without authorization and need.
  • The data owner or data steward may authorize access.
  • The Office of Legal Affairs can authorize your access in response to legal requirements or requests.
  • From the policy on Access to Faculty and Staff Electronic Files: Computer system administrators are authorized to access data during the routine maintenance of campus computer or communication systems or the rectification of emergency situations that threaten the integrity of campus computer or communication systems, provided that use of accessed data is limited solely to maintaining or safeguarding the system.
• Know what to do when incidental access reveals possible violations of law or policy.
  • Don’t discuss it with colleagues or users. Don’t investigate further unless you are specifically authorized to do so by the Office of Legal Affairs. The incident response team in the Office of Cybersecurity may communicate that authorization.
  • Get expert advice from your supervisor; HR department; CIO or IT director of your school, college or division; the UW Chief Information Security Officer or CIO; or the Office of Legal Affairs. Contact someone on that list with whom you are willing to discuss the matter.

Standards can provide clarity and consistency for your users and colleagues, make your systems more interoperable, support policy needs, and help your successors build upon the work you’ve done. Formal and informal audits are measured against standards.

Standards may have some built-in flexibility. Carefully distinguish between the requirements and the recommendations and understand how they work in your unit.

When multiple standards could apply to your situation, consider the following when selecting a course of action:

• Seek advice from your colleagues in your unit, Cybersecurity and other IT units on campus.
• Carefully consider local needs and the implications of selecting a different standard than the default, common, or recommended standard.
• Some standards are mandated by law or other regulatory needs.

Support campus efforts to resolve differences when a lack of standardization or common solutions is causing problems. Consider how you could adopt a proposed standard or common solution, even if it isn’t perfect. Get involved and represent your unit’s and users’ needs by serving on the campus IT Policy group.

Learn how IT works at UW–‍Madison. While you are a new employee, participate in onboarding activities in your unit and at the campus level. Attend seminars and events to make contact with your colleagues in other units. Participate in the IT Mentoring program or other campus mentoring and coaching opportunities. Learn about IT Connects to find ways to get involved.

1. All UW–Madison employees must complete Cybersecurity Awareness Training annually.
2. You must complete Sexual Harassment Training in your first 30 days as a UW–Madison employee. You may have to renew this training every 3 to 4 years, depending on HR policies.

Note: You must complete the above courses to receive raises as an employee of the Universities of Wisconsin.

Discuss professional development with your supervisor and colleagues. Prepare carefully when participating in the Performance Management and Development Program (PMDP), as these are rich opportunities for expanding your career-based skillset. Consider attending one national or regional conference or similar event each year. Participate in collaborative opportunities such as development teams, advisory teams, various planning committees and IT governance. Consider obtaining certifications that advance your career goals. Advocate for yourself to be involved. Ask your supervisor for permission to participate and encourage your colleagues to participate. Look for virtual or in-person opportunities.

UW–Madison recognizes that people are the highest value of a successful organization. Since UW’s information and technology community is highly distributed, UW IT Connects and the groups therein provide diverse engagement, leadership, relationship-building and professional development opportunities for our community to learn and grow together. They offer opportunities to expand your knowledge, mentor a colleague, help organize a conference, start a new or engage in an existing community of practice and help create serendipitous connections between colleagues.

IT Connects identified the following shared values as guideposts for the work of all groups:

• Accessibility
• Awareness
• Belonging
• Communication
• Community
• Connection
• Diversity
• Encouragement
• Engagement
• Equity
• Inclusion
• Learning
• Recognition
• Respect
• Serendipity
• Support
• Visibility