POLICY: Information Technology - Automated Governance System (AGS) Policy POLICY URL: https://lsi-ac.uk/policy/499c566e-0845-4e10-b9f8-ecd5ff3afd84 POLICY STATEMENT: The School is committed to ensuring the Automated Governance System (AGS) is used effectively to support its teaching, learning, and administrative processes. This policy guarantees that the AGS operates with integrity, privacy, and accountability, adhering to data protection regulations. All staff and students must utilise the AGS as intended, upholding accuracy and responsible management to align with the School’s strategic goals. POLICY PRINCIPLES: ------------------ - Integrity : Ensuring the accuracy and integrity of data processed by the AGS; - Transparency : Maintaining transparency in the automating processes and decisions; - Accountability : Holding system administrators accountable for the functioning of the AGS; - Security : Protecting personal and institutional data from unauthorised access; - Compliance : Adhering to relevant laws and regulations regarding data protection and privacy; - Efficiency : Enhancing operational efficiency through the use of AGS; - Inclusivity : Considering the diverse needs of all system users during implementation and maintenance; - Reliability : Maintaining the AGS to a high standard to ensure its reliability; - Review : Conducting regular reviews of AGS performance and effectiveness; - Training : Providing adequate training for all users of the AGS; - Support : Offering timely support for any issues arising from AGS use; - Continuous Improvement : Committing to the ongoing development and improvement of the AGS. REGULATORY CONTEXT: ------------------ This Policy has been developed in line with the applicable laws, regulations, regulatory advice, and sector best practices, including the following: R1. Quality Assurance Agency (QAA): Advice - Learning and Teaching - R2. UK Government : Data Protection Act 2018 - Legislation aimed at controlling the processing of personal data, laying down principles with respect to the processing of personal data, and the rights of data subjects R3. JISC (Joint Information Systems Committee): Digital Infrastructure Guidelines - Guidelines for universities and colleges in the UK on how to manage their digital infrastructure. R4. Quality Assurance Agency (QAA): The Quality Code - This code represents a shared understanding of quality practice across the UK higher education sector, protecting public and student interests and championing the UK's reputation for quality. R5. Information Commissioner's Office (ICO): Guide for higher education institutions - Provides guidance for higher education providers on their obligations under data protection law. R6. Office for Students (OfS): Regulatory Notices and Advice - Regulatory notices are additional information about OfS' regulatory requirements and are part of the regulatory framework. Regulatory advice helps providers understand and meet OfS requirements. METRICS: ------------------ The following metrics will be measured and regularly reviewed as performance indicators for the School to ensure the effectiveness of this policy and associated operations: M1. Incident Resolution Time: Average time taken to resolve reported issues or system incidents, measured monthly. Target: <24 hours. Minimises disruptions to teaching and administrative processes, ensuring timely support. M2. Support Ticket Volume: Number of support tickets submitted by users each month, with a target of <50 tickets per month. Helps gauge the volume and nature of issues users face, indicating areas needing improvement or additional support. M3. System Update Frequency: Number of scheduled system updates implemented per year, with a target of at least 4 major updates. Keeps the AGS up-to-date with the latest features and security patches, enhancing system performance and protection. M4. System Uptime: Percentage of time the AGS is fully operational and accessible, measured monthly. Target: 99.9% uptime. Ensures system reliability and availability, directly impacting teaching, learning, and administrative functions. M5. User Satisfaction Score: Average rating given by staff and students on the AGS user experience, collected through surveys after each academic term. Target: 4.5/5. Reflects the system’s effectiveness and user-friendliness, crucial for engagement and productivity. SECTION 1: Role and Function of the AGS ------------------ 1.1. Use of the AGS: The AGS enables:; Processing of admissions and creating secure student records, including Learning Support Plans; Managing programme and module approvals and modifications to ensure academic quality; Collecting metrics for monitoring strategy and operations; Handling assessments and standards, including requests for extenuating circumstances, marking, scrutiny, examination boards, and conferment; Coordinating misconduct and exclusion processes; Ensuring accurate information for consumer protection; Managing student support and well-being; Ensuring good governance and compliance; Measuring performance effectively; All activities involving the AGS align with the School’s regulations and policies, including IT Regulations, Data Protection Policy, and AI Policy; This rule ensures that the AGS is used correctly to uphold the School’s mission, maintain academic standards, and meet regulatory and policy requirements. It supports efficient operations, good governance, and compliance, while also addressing key areas such as student support and performance measurement. SECTION 2: AGS in Its Capacity as a Learning Management System ------------------ 2.1. Accessible Learning (by Director of Education): The AGS is essential for the School’s teaching and learning. It functions as an online learning management system (LMS) that provides students with access to customised learning tools. The AGS hosts programme and module pages, where students can find comprehensive information, including:; Programme and module descriptors; Learning outcomes; Weekly chapters and activities; Summative assessment briefs; The AGS is integral to the School’s educational approach, enabling efficient and tailored learning experiences. It centralises all relevant programme and module details, facilitating easy access and effective management of academic content. 2.2. Integration of AI in Teaching and Learning (by Module Leader): The School integrates AI into all module teaching activities accessed via the Automated Governance System (AGS). Each week, students engage in a personalised learning experience through AI-driven automation. This includes:; Using intuitive knowledge graphs and AI in teaching; Navigating a bespoke environment with pre-designed challenges; Receiving specific feedback from a virtual mentor; This method helps students identify areas for improvement and develop skills effectively. It offers a dynamic, engaging learning experience that simulates real-life interactions, contrasting with traditional sequential learning; Incorporating AI into teaching enhances the educational experience by personalising learning and providing immediate feedback. This approach fosters a deeper understanding of how concepts interact, making learning more engaging and applicable to real-life scenarios. SECTION 3: Compliance with Accessibility Standards and WCAG ------------------ 3.1. Adherence to Web Content Accessibility Guidelines (WCAG) (by CTO): The School adheres to the Web Content Accessibility Guidelines (WCAG), focusing on the following key principles:; Perceivability : Ensuring images are accessible in various formats and using appropriate fonts; Operability : Facilitating easy navigation; Understandable : Ensuring text is clear and appropriately written; Robust : Ensuring the AGS functions effectively across different media and platforms, including mobile devices; For more information, visit: WCAG Guidelines; Following WCAG standards ensures that the AGS is accessible to all users, regardless of their needs or the technology they use. This commitment supports inclusivity and effective usability across various devices and platforms. 3.2. WCAG Accessibility and Compliance by Design (by CTO): To ensure WCAG compliance, the School:; Integrates WCAG principles into its design processes from the outset; Considers WCAG requirements explicitly during development and build phases; Tests for WCAG compliance at every stage of development; Requires WCAG compliance sign-off before any changes or additions go live; Incorporating and verifying WCAG standards throughout development ensures that all digital content is accessible to all users, enhancing inclusivity and usability. This systematic approach helps meet accessibility requirements and avoid issues at later stages. 3.3. Monitoring and Improving Accessibility Compliance (by CTO): The School will monitor accessibility through feedback and monitoring mechanisms, including:; Module leader consultations; Wellbeing and LSP consultations; PAT consultations; MyLSI platform; Student surveys; Accessibility will be a component of module and programme surveys. The Chief Technology Officer (CTO) is responsible for reviewing WCAG compliance, reporting findings, and recommending improvements based on feedback. The CTO will collaborate with the IT team to develop and implement an action plan, ensuring changes are effective through stakeholder consultation; Using multiple feedback sources and monitoring mechanisms provides comprehensive data on accessibility, ensuring that issues are identified and addressed. The CTO’s role in overseeing compliance and recommending improvements ensures continuous enhancement of accessibility standards. SECTION 4: Ensuring Operational Transparency and Effectiveness through AGS ------------------ 4.1. Performance Metrics and Reporting (by Executive Committee): The School's regulations, policies, and procedures include specific metrics to assess KPIs and overall effectiveness. Designated owners must report on these metrics. Reports are compiled and presented to governing bodies, particularly during the annual review, to evaluate strategy and adjust policies, regulations, procedures, and resources as needed. The AGS captures these metrics to evaluate performance and support continuous improvement; This approach ensures that KPIs are consistently measured and reported, facilitating strategic evaluation and timely adjustments to enhance effectiveness and drive ongoing improvements. 4.2. Enhancing Governance Efficiency with the AGS (by CTO): The AGS supports the School’s Boards, Departments, and Committees by providing a reliable and efficient online system. This system ensures robust and transparent operations, as outlined in the School’s regulations and policies; A dependable online system like the AGS is crucial for the effective and transparent operation of the School’s governance structures. It aligns with the School’s regulations and policies, ensuring smooth and clear processes. 4.3. Committee and Board Meeting Procedures (by Executive Committee): All committee and board meetings must be scheduled through the AGS to ensure efficiency and facilitate auditing. The AGS is used to:; Create meeting agendas, distribute materials, and track attendance; Conduct meetings remotely via Microsoft Teams, the School’s approved software, to maintain accurate records; Store agendas, attendance records, meeting records, and minutes transcripts securely in the AGS for effective auditing; The AGS ensures:; Meetings are automatically transcribed and securely stored to provide a complete audit trail; Transcripts are sent to participants within 4 working hours after the meeting; Manual minute-taking is not required, though personal notes are permitted; A draft AI-generated list of action points is shared on the AGS and notified via email; Participants can correct any errors within 5 working days; The Chair approves final action points and tasks within 5 to 10 working days of the meeting; The AGS also ensures:; Meetings are recorded and securely stored, with access restricted to authorised users only, maintaining confidentiality; Participants are reminded at the start of meetings that recordings will be made for audit purposes; New board or committee members must consent to this policy upon acceptance; Video recordings are not publicly accessible but can be requested by regulators and specific committees, supporting transparency and effective audit trails; Utilising the AGS for scheduling and documentation ensures streamlined meeting organisation, accurate record-keeping, and robust audit trails. Automated transcription and secure storage provide transparency and support compliance, while maintaining confidentiality and facilitating effective follow-up on action points. 4.4. Responsibility for AGS Performance and IT Support: Operations (by CTO): All staff are responsible for measuring performance and providing feedback to the It Team to enhance the AGS, ensuring it effectively supports the School’s operations and meets the needs of students and staff. The AGS is crucial to the School's functions; The IT Team, managed by the CTO, oversees system reliability. Staff and students must have access to timely support from the IT Team during normal School hours, Monday to Friday, from 9 am to 4 pm; Regular performance measurement and feedback ensure that the AGS continues to support the School’s needs effectively. Reliable IT support is essential for maintaining system functionality and addressing issues promptly, thereby facilitating smooth operations and optimal user experience. SECTION 5: Adherence to IT Regulations in the Use of AGS ------------------ 5.1. Compliance with IT Facility Regulations (by All staff and students): All use of the School’s IT facilities, including the AGS, must adhere to external and internal regulations, such as data protection, cyber security, copyright, and defamation laws, as well as the School’s own IT regulations. These regulations are accessible via the website and AGS; Users are required to read, understand, and comply with all relevant provisions. Ignorance of the law is not an excuse for unlawful behaviour. When accessing services from abroad, users must comply with both the local laws of that country and English laws, alongside the School’s regulations; When using third-party online services, users must also follow the service provider’s regulations, terms, and conditions, whether accessed directly, through the School, or via a Jisc agreement. Violations of the law or third-party regulations will be considered breaches of the School’s IT regulations; These rules ensure that all IT facility use complies with legal and regulatory requirements, protecting privacy, security, and integrity, while minimising risk. Adhering to these provisions is essential for lawful and effective use of IT resources, both domestically and internationally. SECTION 6: Commitments to Data Protection ------------------ 6.1. Data Protection and Compliance with the AGS (by CTO): The School processes personal information to support its core functions, including teaching, administration, and compliance with legal obligations. This includes data related to applicants, students, employees, alumni, supporters, partners, suppliers, and research participants; The School is committed to transparency and accessibility while ensuring efficiency, legality, security, and confidentiality in handling personal data. The Data Protection Policy aligns with the Data Protection Act 2018 (DPA), aiming to minimise risks of breaches, which could lead to harm, reputational damage, financial penalties, or investigations by the Information Commissioner; The AGS supports the School in meeting its data protection obligations by processing and storing data according to the DPA principles: lawfulness, fairness, transparency, and legitimate purpose. The AGS ensures secure data handling, accountability, and proper data stewardship. It supports lawful data processing, including fulfilling contractual obligations, and upholds data subjects' rights, including access to their data; The CTO, a member of the Executive Committee and Senior Information Risk Owner (SIRO), oversees the AGS, working closely with the School's Data Protection Officer; This rule ensures compliance with data protection legislation and promotes efficient, secure, and transparent handling of personal data. By using the AGS, the School effectively manages data in line with legal requirements, reducing the risk of breaches and supporting data subject rights. 6.2. Data Retention and Security of Meeting Records (by CTO): The AGS ensures:; All meeting records are stored in the AGS according to the data retention policy; Records are kept in an encrypted format, with access restricted to authorised users; Meeting records may be deleted or destroyed after a specified retention period, as outlined in the data retention policy, or as required by regulators, courts, or government authorities; This rule guarantees that meeting records are securely stored and managed in compliance with data protection regulations. By following the data retention policy and ensuring encrypted storage with restricted access, the AGS upholds data security and meets legal and regulatory requirements. 6.3. Recording User Interactions for Compliance (by CTO): User interactions with the AGS are recorded to facilitate compliance and auditing on a case-by-case basis; This rule ensures that user interactions are documented to support compliance with regulations and enable effective auditing when required. SECTION 7: Integration of IT Infrastructure Management Policy with AGS ------------------ 7.1. Application of IT Incident Response Plan (by CTO): The Information Technology (IT) Infrastructure Management Policy, including the IT Incident Response Plan for crisis management, applies to all systems, including the AGS; This ensures that the IT Incident Response Plan governs the management of any crises affecting the AGS, maintaining consistent and effective handling of IT incidents across all systems.