arrow_circle_left Back to All Policies

Enterprise Information Systems Updates

JSCC Policy Number: 1.08.01.00

TBR Policy Reference: 1:08:01:00

TBR Guideline Reference: Not Applicable

Approved By: President's Cabinet

Original Date Effective: 2015-02-02

Last Modified: 2023-07-10

Responsible Office: Office of Information Technology

Purpose 

The purpose of this policy is to establish minimum standards of expectations related to maintaining appropriate software versions and upgrades within the institutional infrastructure.

Definitions 

Third-party products – Software applications that integrates with, or are ancillary to, the ERP system.

ERP quarterly updates – Software updates to the existing ERP system that are developed, tested, approved, and released by the SMO each quarter.

Oracle patches and updates – Patches, fixes, and updates for the Oracle Database Server and related components that are released by Oracle on a quarterly basis. These updates may be released off schedule if considered critical.

Critical updates – Widely released software fixes that address specific, serious bugs, problems or defects in a system or application. Sometimes referred to as critical hotfixes or critical patches.

Policy 

Introduction

 Enterprise information systems and components used at Jackson State Community College shall have an established schedule of   updates/patches/maintenance to ensure that systems, data, and personal identifiable information (PII) are adequately protected.

Scope

  1. Enterprise information systems covered by this policy:
    1. ERP quarterly updates released by the Ellucian Satellite Maintenance Organization (SMO) shall be installed in their entirety according to the adopted schedule. Jackson State Community College shall not be more than one version behind the current ERP vendor-certified release and shall make every effort to maintain the latest version release every quarter.
    2. Oracle patches and updates shall be installed according to the adopted schedule. The institution shall not be more than one version behind the ERP vendor-certified Oracle release.
    3. Critical updates, patches or hotfixes shall be applied in a timely manner in accordance with institutional needs and requirements, and to minimize (and preferably avoid) unduly exposing the institutions to unnecessary risk.
    4. Third-party products supported on the individual campuses must be maintained at a minimum vendor-supported version.

Exceptions

  1. Exceptions to items 1 and 2 under Section I. A. above (Enterprise Information Systems Covered by this policy) must be approved by the President/CEO or his/her designee and filed with the Chancellor and System CIO if applicable.
  2. Other exceptions to this policy may be approved by the President/CEO or his/her designee and the CIO at Jackson State Community College.
  3. Each exception must be documented in detail and retained for future review.
  4. External application and system hosting vendors shall conform to Jackson State’s requirements with written exceptions being made as necessary based on the abilities and contractual obligations between the institution and the hosting vendor.