1. Knowledge Base
  2. Institutional Integrity and Risk Management
  3. Ethics and Policy Office
  4. Policy Framework

Policy Framework

Title

University of North Carolina at Chapel Hill Policy Framework

Introduction

Purpose

The Policy Framework sets behavioral expectations across the University of North Carolina at Chapel Hill (“University”) and empowers members of the University community with the knowledge, protection, and flexibility they need to perform their day-to-day roles and responsibilities within certain defined boundaries. The Policy Framework also constrains members of the University community outside of those defined boundaries, thus reducing Institutional Risk. Finally, the Policy Framework shifts the University to a more proactive policy development and risk management model by:

  • formalizing the process by which Policies, Standards, and Procedures (“Policy Documents”) are developed, approved, reviewed, published, updated, communicated, and retired;
  • promoting consistency, efficiency, and transparency; and
  • reflecting best practice in higher education.

Scope of Applicability

This Policy applies to all University Units.

Policy

Policy Oversight

Oversight of all Policies at the University rests with the University Chancellor. The Chancellor has delegated the management of University Policy Documents to the Office of Ethics and Policy.

The Chancellor retains the right to determine exceptions, appoint permanent or ad-hoc committees for review or approval, or otherwise act to ensure Policies are aligned with the University's mission.

Issuing Officers

Required Number of Issuing Officers per Policy Document

Every University and Unit Policy Document must have a single Issuing Officer, even if multiple Units have some interest or stake in the document.

Persons Allowed to Be Issuing Officers

University Policy Documents

The allowable Issuing Officers for University Policy Documents are the Chancellor, Provost and the Provost's direct reports, Vice Chancellors, Deans, the Director of Athletics, the Director of Internal Audit, and their designees.

Unit Policy Documents

Issuing Officers for Unit Policy Documents are selected by the issuing Unit and may include the Unit Head or their designee.

Updating an Issuing Officer

If an Issuing Officer changes roles or leaves the University, the Unit Head of the Unit responsible for managing the document, or that person's designee, must immediately select either a new Issuing Officer or an individual in the Unit to manage the document in the interim while a new Issuing Officer is being selected.

Creating New Policy Documents

Recommended Criteria for Writing New Policy Documents

The decision to create a new University or Unit Policy Documents is ultimately up to the Unit responsible for administering the Policy. The best practice is to write Policies that address "significant organizational problems with reasonably clear causes."1 Organizational problems can be internal (e.g. bad behavior, human error) or external (e.g. regulation, public opinion, or liability).

Policies should be written in response to organizational problems that occur repeatedly and/or are consequential. Policies should not be written "in response to extreme events, to a handful of people, or even to a particular employee."2

Restrictions on Creating Unit Policy Documents

Units must not create Unit Policy Documents when prohibited from doing so by an existing Board of Trustees, Board of Governors, UNC System, or University Policy.

Reviewing and Updating Existing Policy Documents

University Policy Documents

Minimum Review Interval

Issuing Officers or their designee(s) must complete a comprehensive review of each of their University Policy Documents at least every three (3) years.

Review Criteria

The comprehensive review must include an assessment to ensure each University Policy Document:

  • complies with any relevant governing laws and regulations;
  • aligns with the criteria established in the “Formatting Policy Documents” section of this Policy Framework; and
  • has updated contact information, links to related documents or information, names of Units, and related non-substantive content.
Technical Corrections

Technical corrections to address typos, broken hyperlinks, etc. do not require the issuing Unit to initiate a comprehensive review.

Unit Policy Documents

The Office of Ethics and Policy does not require, but strongly recommends, Units develop, publish, and adhere to similar review intervals and criteria for Unit Policy Documents.

Conflicts Between University and Unit Policy Documents

Units must not create Policy Documents that are less restrictive than existing University Policies. However, Units may create Unit Policy Documents that are more restrictive than University Policy Documents.

If a University Policy Document is created or updated and is more restrictive than an existing Unit Policy Document, the University Policy Document is the controlling version.

Formatting Policy Documents

Units may contact the Office of Ethics and Policy for assistance when formatting Policy Documents.

New University Policy Documents

All new University Policy Documents must meet the following three formatting criteria:

  1. be documented in writing,
  2. comply with the Style Guide published by the Office of Ethics and Policy, and
  3. use the latest templates provided by the Office of Ethics and Policy.

These criteria are intended to ensure all University Policy Documents have a consistent “look and feel” and are easy to understand for audiences with a wide range of backgrounds and education levels.

Existing University Policy Documents

Units must ensure all legacy University Policy Documents meet the same three criteria when the content undergoes its next revision unless the Office of Ethics and Policy grants an exemption in writing per this Policy.

The Office of Ethics and Policy will only grant an exception if an external legal or regulatory body requires a Policy Document to be formatted in a way that does not comply with the University templates. Contact the Office of Ethics and Policy if you believe you require an exemption.

Unit Policy Documents

The Office of Ethics and Policy does not require, but strongly recommends, Units also format their Unit Policy Documents according to these criteria.

Approving Policy Document Drafts

All draft University and Unit Policy Documents must follow the approval steps outlined in the University's Procedure for Policy Management.

Publishing Policy Documents

University Policy Documents

Electronic University Policy Repository

All University Policy Documents must be published by the Office of Ethics and Policy in the electronic University Policy Repository.

Duplicate University Policy Documents

The Office of Ethics and Policy does not require, but strongly recommends, that Units not publish duplicate copies of Policy Documents (in electronic or hardcopy formats) outside the electronic University Policy Repository unless required to do so by an external legal or regulatory body.

Conflict Between Versions of Policy Documents Published in the Electronic University Policy Repository and Any Other Version

In the event of a discrepancy between the version of a Policy Document in the electronic University Policy Repository and any other version, the version in the electronic University Policy Repository is the controlling version.

Unit Policy Documents

The Office of Ethics and Policy does not require, but strongly recommends, that Units also publish their Unit Policy Documents in the electronic University Policy Repository to help create a comprehensive resource of all Policy Documents at the University.

Linking to Policy Documents Published in the Electronic University Policy Repository

All written and electronic communications (including, but not limited to websites, emails, social media posts, presentations, and printed materials) referring to a University or Unit Policy Document hosted in the electronic University Policy Repository must link to the document hosted in the electronic University Policy Repository so that individuals searching for Policy Documents always access the controlling version.

Retiring Policy Documents

A University or Unit Policy Document may need to be retired, rather than revised, as operational or regulatory requirements evolve.

University Policy Documents

Units must follow the process listed in the University Procedure for Policy Management to retire their University Policy Document.

Unit Policy Documents

Unit Heads have discretion to retire any Unit Policy Document and may use any process acceptable to the Unit that complies with the University’s Records Management Policy.

Consequences for Lack of Compliance with Publication, Review, and Formatting Requirements

University Policy Documents that do not adhere to the publication, review, and formatting requirements described in this Policy Framework may be retired at the discretion of the Office of Ethics and Policy in coordination with the Executive Policy Approval Committee (EPAC).

Roles and Responsibilities

Office of Ethics and Policy

The Office of Ethics and Policy oversees the publication, day-to-day coordination, and review of Policy Documents in alignment with the Policy Framework. The Office of Ethics and Policy designates Units requiring a Policy Liaison, maintains a list of those Units and Policy Liaisons, and coordinates with Unit leaders to facilitate selection of an appropriate staff or faculty member to serve as Policy Liaisons.

The Office of Ethics and Policy may, at its discretion and with agreement of the appropriate Policy Liaison and Issuing Officer or their designee, change the formatting of Policy Documents, including migrating them into the official University templates, without initiating a comprehensive policy review.

The Associate Director of the Office of Ethics and Policy serves as the University Policy Review Committee (PRC) Chair.

Policy Review Committee

PRC membership, authority, and responsibilities are defined in the PRC Charter published on the Office of Ethics and Policy website.

Policy Liaisons

Policy Liaisons responsibilities are defined in the PRC Charter published on the Office of Ethics and Policy website.

Unrepresented Units

University Units with no designated Policy Liaison may designate any full-time staff member responsible for Policy management to work with the Office of Ethics and Policy. The Office of Ethics and Policy and PRC must facilitate and assist these Units as needed to ensure access to the Policy process and coordination with University Policy activities.

PRC Chair

PRC Meetings

The PRC Chair is responsible for the following:

  • scheduling PRC meetings;
  • inviting all relevant stakeholders to PRC meetings;
  • preparing PRC meeting agendas and sharing those agendas with all relevant stakeholders at least one (1) week before the PRC meeting to ensure Policy Liaisons have the opportunity to formulate thoughtful, substantive feedback prior to the PRC meeting, and to solicit similar feedback from their Unit stakeholders prior to the PRC meeting;
  • moderating the discussion during PRC meetings;
  • taking notes, or appointing someone to take notes, during PRC meetings; and
  • posting PRC meeting agendas and notes on the Office of Ethics and Policy website following each PRC meeting.
Tasking the Executive Policy Approval Committee (EPAC)

The PRC Chair must task the EPAC to review any new University Policy.

The PRC Chair may also task the EPAC if a proposed update to an existing University Policy meets either of the following criteria:

  1. if the Unit does not accept substantive feedback from PRC and, in the opinion of the PRC Chair, that failure to accept feedback creates Institutional Risk for the University; or
  2. if the PRC Chair deems the content of the University Policy creates extraordinary Institutional Risk for the University.

Executive Policy Approval Committee

Membership

The EPAC is composed of a subset of the Chancellor's Cabinet, including: Human Resources and Equal Opportunity and Compliance; Finance and Operations; Office of University Counsel; Office of the Provost, and other representatives as designated by the Chancellor.

Responsibilities

When tasked by the PRC Chair, the EPAC may consult with the Unit Head, the University Policy Officer, the PRC Chair, the University General Counsel, the Vice Chancellor of the Office of Institutional Integrity and Risk Management (IIRM VC), University Communications, their respective designees, and/or other relevant stakeholders.

After this consultation, EPAC may take one of three actions:

  1. Send the University Policy in question back to PRC for additional review, along with a list of specific topics or areas of research to consider;
  2. Authorize the approval of the University Policy; or
  3. Elevate the University Policy to consideration by the Chancellor's Cabinet.

EPAC may elevate a University Policy for the Chancellor’s Cabinet review if, after consultation with the relevant stakeholders listed above, EPAC deems the content of the University Policy creates extraordinary Institutional Risk for the University.

Chancellor's Cabinet

Membership

The Chancellor's Cabinet membership is listed on the Office of the Chancellor's website.

Responsibilities

When tasked by EPAC, the Chancellor's Cabinet may coordinate with the Unit Head, the PRC Chair, the University General Counsel, the IIRM VC, University Communications, their respective designees, and any other relevant stakeholders.

After this consultation, the Chancellor's Cabinet may take one of three actions:

  1. Approve the University Policy with no changes and send the Policy back to the Unit Head for implementation;
  2. Revise the University Policy, approve the revised version, and send the Policy back to the Unit Head for implementation; or
  3. Reject the University Policy.

Additional Processes

Above and beyond the minimum criteria defined in this Policy Framework and in the University Procedure for Policy Management, the Office of Ethics and Policy and Policy Liaisons may opt to add reviewers, public meetings, or other ad-hoc processes as they deem appropriate to ensure that all Policy Documents adopted are well-considered and reflect the University's aspirations and mission.

Interpretation Guidance

The Office of Ethics and Policy is directed to bring clarity, accessibility, and common-sense to Policy management processes at all times. Interpretation of the Policy Framework and related Procedures by the University Policy Officer, PRC Chair, Policy Liaisons, and Issuing Officers should be made in any reasonable way that results in pragmatic, common-sense outcomes, and does not result in change in document purpose or effect without appropriate consideration and approval by officers of the University within the scope of their responsibilities.

Exceptions

Academic Policies

Policies, Standards, and Procedures that meet any of the following three criteria are excluded from this Policy Framework and are instead governed by University faculty via The Faculty Code of University Government:

  1. related to the educational activities of the University;
  2. related to the awarding of academic degrees by the University; and/or
  3. are published in the University Catalog.

This Policy Framework does not change the processes for developing, approving, publishing, updating, or retiring the Policies, Standards, and Procedures established under The Faculty Code of University Government.

Expedited Policies

Criteria

The IIRM VC may approve a University Policy from any campus Unit when legal requirements or significant Institutional Risks exist and there is insufficient time to complete the standard review and approval process before publishing. In such a circumstance, the approved University Policy is effective immediately.

PRC Review of Expedited Policies

The IIRM VC, or their designee, and a representative from the campus Unit responsible for administering the University Policy, must present the Policy and the context around its creation and approval at the next PRC meeting following Policy implementation. Subsequent reviews and revisions to the University Policy must be conducted in a manner consistent with this Policy Framework and the Procedure for Policy Management.

Sensitive Policies

In rare instances, a University or Unit Policy Document may contain “Sensitive Information” (as defined in the University’s Information Security Classification Standard) and should not be published on a publicly-accessible website. Please contact the Office of Ethics and Policy for additional guidance regarding sensitive University or Unit Policy Documents.

Definitions

EPAC: The Executive Policy Approval Committee. Functions as an authorizing step when Policies are referred to the committee.

Institutional Risk: Risk is the possibility of an issue, event or incident occurring and impacting the ability of the university to achieve its mission, strategic goals, and objectives.3 There are four major types of Institutional Risk: financial, legal, operational, and reputational.

Issuing Officer: Individuals authorized to issue Policy Documents.

Material Substantive Revisions ("Major Edits"): Changes which alter the purpose or effect of a document.

Non-Substantive Revisions ("Minor Edits"): Changes which do not alter the purpose of effect of a document. This includes technical corrections.

Policy: A Policy is a written statement that mandates, specifies, or prohibits behavior in order to express basic values of the University, enhance the University's mission, ensure coordinated compliance with applicable laws and regulations, promote operational efficiency, and/or reduce Institutional Risk. A Policy includes criteria as mandated by the Office of Ethics and Policy document templates and must have a single Issuing Officer.

Policy Documents: Includes University and Unit Policies, Standards, and Procedures.

Policy Officer: The Director of the Office of Ethics and Policy. The Policy Officer oversees Policy organization, coordination, review, approval, and publication.

Policy Liaison: Representatives appointed by heads of Units designated by the Policy Officer to perform Policy administration functions both internally for the Unit and collaboratively with the Office of Ethics and Policy.

PRC: The Policy Review Committee. This committee functions as a review step to ensure consistency, quality, and appropriateness of scope for submitted Policy Documents.

Procedures: The process(es) required to accomplish an action necessitating specific instructions. Procedures are not intended to be detailed "help guide" documents, but instead higher-level process documents which can then point to specific and detailed instructions maintained by the appropriate Unit. Procedures often pertain to implementing Policy. Procedures may also provide guidance for behavior on issues that are not dictated by Policy. Procedures are created at the Unit level and changes do not go through the same review or approval process as Policies, but Procedures that impact multiple Units may need additional review or feedback before being implemented.

Sensitive Policies: Those University or Unit Policy Documents that contain Tier 2 or Tier 3 information (Sensitive Information) as defined in the University's Information Classification Standard.

Standards: The minimum acceptable limits or rules that may be used to achieve Policy implementation. While Procedures provide specific instructions for units (e.g, how to use specific applications to encrypt data in the HR department), Standards set overarching minimum requirements that must be met by all (e.g., minimum encryption strength for use with sensitive information throughout the University). Standards may be written as standalone documents or may be included in the body of a related Policy, at the discretion of the issuing Unit. Standards are created at the Unit level and changes are not required to go through the same review or approval process as Policies, but Standards that impact multiple Units may need additional review or feedback before being implemented.

Unit: Any administrative organization that is part of the University of North Carolina at Chapel Hill and is headed by any one of the following: Chancellor, Provost and the Provost's direct reports, Vice Chancellors, Deans, the Director of Athletics, or the Director of Internal Audit.

Unit Policy: Has application only within the issuing Unit (e.g. applies only to Unit employees, staff, students and others working for or studying at the Unit). A Unit Policy can create additional specifications, requirements, or restrictions but cannot contradict a University Policy Document.

University Policy: Applies to two or more Units. A University Policy informs someone outside the issuing Unit of rights and responsibilities, or regulates the actions of the Unit as it interacts with other Units on campus.

Related Requirements

University Policies, Standards, and Procedures

Contact Information

Policy Contact

Office of Ethics and Policy
123 W. Franklin Street, Chapel Hill, NC 27599
Phone: 919-445-8364
Email: policy@unc.edu
Website

Important Dates

Revised versions approved by:

Jen DeNeal, PhD April 18, 2022
Associate Director, Office of Ethics and Policy

Jen DeNeal January 13, 2021
Associate Director, Office of Ethics and Policy

Kim Strom-Gottfried, PhD June 28, 2019
Director, Office of Ethics Education and Policy Management

Initial approval by:

Kim Strom-Gottfried, PhD January 07, 2017
Director, Office of Ethics Education and Policy Management

References

  1. Dehart-Davis, L. (2017). Creating effective rules in public sector organizations. Georgetown University Press. Specifically, see the "When to Write a Rule" section on page 107.
  2. Ibid, p. 108.
  3. University of Massachusetts. (2021). FY 2020 Enterprise Risk Management Report.

Details

Article ID: 132080
Created
Thu 4/8/21 9:23 PM
Modified
Thu 5/5/22 1:41 PM
Effective Date
If the date on which this document became/becomes enforceable differs from the Origination or Last Revision, this attribute reflects the date on which it is/was enforcable.
04/18/2022 12:00 AM
Issuing Officer
Name of the document Issuing Officer. This is the individual whose organizational authority covers the policy scope and who is primarily responsible for the policy.
Issuing Officer Title
Title of the person who is primarily responsible for issuing this policy.
Administrative Director
Last Review
Date on which the most recent document review was completed.
04/18/2022 12:00 AM
Last Revised
Date on which the most recent changes to this document were approved.
04/18/2022 12:00 AM
Next Review
Date on which the next document review is due.
04/17/2023 12:00 AM
Origination
Date on which the original version of this document was first made official.
01/07/2017 12:00 AM
Responsible Unit
School, Department, or other organizational unit issuing this document.
Ethics and Policy Office