Guidelines, Best Practices & Advice for UW–Madison IT Professionals

Each department or discipline has a unique culture, requiring a unique approach to delivering IT services and support. Take time to understand the unit you are working in. Understand where it fits into the campus organization and what motivates people.

• To gain a broader understanding of your people, develop relationships with key people in your unit and related groups.
• Consider groups or identities that aren’t represented among people with whom you interact. Proactively engage those underrepresented groups to ensure that you are being inclusive in your service design and identifying potential biases in the services and technologies you support.
• Each facet of a unit – administration, teaching, and research – will have its own needs and priorities. Consider meeting with each group in your unit on a regular basis, perhaps annually or semi-annually.
• Let people’s needs drive the solutions, as much as possible while operating within the standards and policies that apply to a given situation. Help find and apply IT solutions to those needs, while taking into account such things as best practices, cost, policy, and technology trends.
• Be relevant to your people. Spend time with them. Don’t assume you know. Learn their goals and priorities.
• Understand their timeline, their deadlines, and the lifecycle of their work. If you don’t know, ask.
• Remote support has become an increasingly important part of managing a modern workforce and many people are themselves working remotely.  Avail yourself of the tools available in your unit to provide remote support and set poeple’s expectations about how and when this support is provided.

Your communications should be transparent, timely, deliberate, and understandable.

• Practice transparency. Clearly communicate the choices you are making. Provide rationale.
• Some people prefer frequent updates on the status of their IT requests. Even if you don’t have an answer, you could let them know you are still working on their request.
• Plan your communication strategy before you need it. Develop contact lists. Tell people where to find information and get status updates and outages information.
• Be aware of available communication channels such as in-person meetings, email, chat, or social media. Choose appropriate channels for your message and audience. Consider channels that you haven’t used before.
• Understand your audience. Plan your communications and review them from the recipients’ point of view.

Help your management and users understand how IT works in your unit. The process of selecting and delivering IT services and support in your unit may be much more relevant than the details of the technology.

• Communicate with your management and users. Both groups are depending upon you to understand and deliver IT services or support. Be prepared to explain the underlying rationale.
• Don’t assume that people understand the process. Don’t assume that you understand the process. Examples:
  • How are decisions made? By who?
  • Why are certain things necessary?
  • What are the available options?
  • Why are some things more efficient and effective than others?
  • Why do some things take more time than others?
• Explain in terms your audience will understand.
  • Know your audience. They are not monolithic and their needs will change and evolve over time.
  • Avoid jargon and acronyms, unless you are sure the audience knows what they mean.
  • Be patient and understanding.
• Document procedures and decisions, especially if people have similar questions and issues. Make the documents easy to find and communicate where relevant documents are located.

Change management involves more than the technical changes. The impact on people requires attention throughout the process.

• Fully understand the risks of how making (or not making) changes can positively or negatively affect your professional relationships. Seek advice from your colleagues who have performed similar changes on how to engage with your stakeholders.
• Whenever possible, inform people who will be affected before you change something. Provide as much lead time as possible.
• Make sure people understand the implications of the change. The possible consequences of the change might not be obvious to them.
• Be sure you are authorized before you make changes to computers, devices, or applications. Authorization can take many forms. which may vary among the people and units you support. For example, it could be an ongoing blanket authorization to make any necessary changes, or it could be a specific authorization to make a single specific change.
• Protect the data before making changes. Relying upon routine backups may not be sufficient. There are situations where more specific protection is required.
• In an emergency situation that requires immediate changes, inform users as soon as possible afterward.

IT Professionals are regularly exposed to sensitive or personal information. Elevated privileges to systems or applications may expose you to information you would not otherwise have access to.

• Respect confidentiality and privacy when you come across sensitive or personal information during the course of your work.
• Don’t deliberately access data without authorization and need.
  • The owner of the data or the data steward of the data may authorize access.
  • UW–‍Madison Office of Legal Affairs can authorize access in response to legal requirements or requests.
  • From the policy on Access to Faculty and Staff Electronic Files: Computer system administrators are authorized to access data during the routine maintenance of campus computer or communication systems or the rectification of emergency situations that threaten the integrity of campus computer or communication systems, provided that use of accessed data is limited solely to maintaining or safeguarding the system.
• Know what to do when incidental access reveals possible violations of law or policy.
  • Don’t discuss it with colleagues or users. Don’t investigate further unless you are specifically authorized to do so by the UW–‍Madison Office of Legal Affairs. The Incident Response team in the Office of Cybersecurity may communicate that authorization.
  • Get expert advice from at least one of: your supervisor, your HR department, your school, college, or division CIO or IT director, the UW–‍Madison CISO or CIO, or UW–‍Madison Office of Legal Affairs. Contact someone on that list with whom you are willing to discuss the matter.

Standards can provide clarity and consistency for your users and colleagues, make your systems more interoperable, support policy needs, and help your successors build upon the work you’ve done.  Formal and informal audits are measured against standards.

Standards may have some built in flexibility. Carefully distinguish between the requirements and the recommendations and understand how they work in your unit.

When there are multiple standards that could apply to your situation, consider the following when setting a course of action:

• Seek advice from your colleagues, in your unit, in Cybersecurity, and in other IT units on campus.
• Carefully consider local needs and the implications of selecting a different standard than the default, common, or recommended standard.
• Some standards are mandated by law or other regulatory needs.

Where a lack of standardization or common solutions is problematic, support campus efforts to resolve differences. Consider how you could adopt a proposed standard or common solution, even if it isn’t perfect. Get involved and represent the needs of your unit and users by serving on the campus IT Policy group.

Learn how IT at UW–‍Madison works. Participate in onboarding activities in your unit and at the campus level. Attend seminars and events to make contact with your colleagues in other units. Participate in the IT Mentoring program or other campus mentoring/coaching opportunities.

1. Cybersecurity Awareness Training. Required annually for all UW–Madison employees.
2. Prevention of Sexual Harassment Training. Required in your first 30 days on campus, may be required to renew this training every 3-4 years, based on HR policies.

Discuss professional development with your supervisor and colleagues. Consider attending one national or regional conference or similar event each year. Participate in collaborative opportunities such as development teams, advisory teams, and IT governance. Consider obtaining certifications that advance your career goals. Advocate for yourself to be involved. Look for virtual or in-person opportunities.

UW–Madison recognizes that people are the highest value of a successful organization, and given that the information and technology community at UW–Madison is highly distributed, UW IT Connects and the individual groups therein provide diverse engagement, leadership, relationship building, and professional development opportunities for our community to learn and grow together. There are opportunities to grow your knowledge, mentor a colleague, help organize a conference, start a new or engage in an existing community of practice, and help create serendipitous connections between colleagues.

IT Connects identified the following shared values as guideposts for the work of all groups:

• Awareness
• Connection
• Equity
• Serendipity
• Belonging
• Diversity
• Inclusion
• Support
• Communication
• Encouragement
• Learning
• Visibility
• Community
• Engagement
• Respect
• Recognition
• Accessibility