Mobile App Developments Policy

Mobile App

Developments

Policy

30/10/2020 Version 1.0

A University wide Mobile App Developments Policy produced by Collaboration Services within the

Information Services Directorate

 
 
 
Table of Contents 
Background ................................................................................................................................. 3 
Strategic context ................................................................................................................................. 3 
Underlying Principles .......................................................................................................................... 3 
Scope .......................................................................................................................................... 4 
Responsibilities ............................................................................................................................ 4 
Governance ................................................................................................................................. 5 
Information Strategy Committee (ISC) ............................................................................................... 5 
Core Policies ................................................................................................................................ 5 
Multi-Platform .................................................................................................................................... 5 
Open Source Technology .................................................................................................................... 5 
Web API server (Integration Hub) ....................................................................................................... 5 
Evaluation & Standards ....................................................................................................................... 5 
User Policies ................................................................................................................................ 6 
In House Builds .................................................................................................................................... 6 
Enterprise & Template APPs ............................................................................................................... 6 
Third Party ........................................................................................................................................... 6 
Management Policies ................................................................................................................... 6 
APP Store Licenses and access ............................................................................................................ 6 
Marketing and Branding ..................................................................................................................... 6 
Cyber Security ..................................................................................................................................... 7 
Data Protection and GDPR .................................................................................................................. 7 
Procurement ....................................................................................................................................... 7 
Review Process ............................................................................................................................ 7 
Appendix ..................................................................................................................................... 7 
Terms of Reference ............................................................................................................................. 7 
 
 
 
 
 
 

3 | P a g e

Background

The Information Services Directorate (ISD) manages the Mobile App Service. This service is

responsible for the development, delivery, hosting, advice and guidance of Mobile Apps for

the University of Strathclyde. This Mobile App Developments Policy outlines key principles

and processes for App development, delivery, collaborations (internal and external), and

provides a framework for the application of these.

Strategic context

This Policy is provided within the context of the ISD Operational Plan 2020/21

To deliver a

truly encompassing, responsive, technological, transparent and effective service which helps

enable the achievement of the University’s goals and aspirations. Its guiding principles are

set out to ensure we are:

• Working collaboratively with faculties, schools and departments and across

professional services.

• Delivering innovative services and solutions in support of the University's strategic

objectives.

• Developing and realising ambitious plans for service development and operational

efficiency commensurate with the University's overall ambitions.

• Being bold in the development of services and governance models which are

effective and efficient, whilst not compromising compliance or quality.

• Providing leadership and interacting with others in a manner which embodies the

people-oriented approach central to the delivery of high-quality services and

supporting the wider community.

Furthermore, this policy follows a Continuous Collaboration

and co-creation approach,

putting our users, particularly our student customers, at the heart of our technologies,

development and delivery. Our evolving goal is for all users of our service to have access to

all the information they need, when they need it, and in any location.

Underlying Principles

1. Ensuring our services are User First

2. Ensuring continuous Collaboration throughout

3. Ensuring we continue to provide Innovative technologies in Users hands

4. Ensuring our services are Location Independent (anytime, anywhere)

5. Ensuring our services are Brand Compliant and follow our Design Principles

6. Ensuring our services are Cyber Secure and from trusted data sources via the

Corporate Integration Hub

7. Ensuring our services are compliant with legislation and regulations such as

Government Accessibility Standards

, GDPR

and App store licensing

https://moss.strath.ac.uk/isd/Documents/ISD%20Overall%20Operational%20Plan%202020-21%20FINAL.pdf

Sminia, H., 2005. Strategy formation as a layered discussion. Scandanavian Journal of Management, Vol 21, p. 267-291

https://www.gov.uk/guidance/accessibility-requirements-for-public-sector-websites-and-apps#accessibility-standards

https://www.gov.uk/government/publications/guide-to-the-general-data-protection-regulation

4 | P a g e

Scope

This policy sits within the wider context of the Information Systems Development Framework

(ISDF) Strategy for 2014-20

and the Information Security Policy

. It aligns with the

University of Strathclyde’s Strategic Plan 2020-2025

, and is of relevance to the University’s

management, academic and professional service staff, students and partners.

Development and delivery of all University, In-house Build Apps, Progressive Web Apps,

Template Apps, Enterprise Apps and Third-party Apps should follow this policy.

See Appendix for terms of reference

Responsibilities

Collaboration Services (CS) manage the Mobile App Service, within the Business Systems

area of ISD. CS are responsible for the Strathclyde APP

, currently the only University

sponsored App. This ‘One Corporate App’ approach has been extremely successful to date

and the team have extensive knowledge and experience upon which to continue to evolve

the Service.

As a leading technological University, innovative and collaborative ideas and approaches are

always at the forefront of all we do. The Mobile App Service welcomes debate, bold and

innovative ideas and open discussion. The Mobile APP Service is continually reviewed and

refined in line with that ethos.

The service provides management for current and future App plans:

• The Mobile Service Policy & Strategy

• Day-to-day Service Management and Support

• Store account management; reviewing quality standards and authorising uploads to

App stores.

• All License ownership and administration (on behalf of ISD)

• User terms and conditions and Data Security and Data Privacy (in the context of

wider policy)

• User data access requests (via Ethics Committee)

• App system integrations via the Corporate Integration Hub

• Payments (via finance - WPM)

• Marketing and branding (via Marketing & Communications)

• Direct student messaging protocols (in partnership with Student Experience, Strath

Union etc.)

• VLE alignment (in partnership with Education Enhancement)

• Advice & guidance on APP technologies and tools

• Quality audit

• Digital Content management (via T4 or similar)

• Access to devolved services and maintenance as required

https://moss.strath.ac.uk/isd/Documents/Information%20Systems%20Development%20Framework%20Final%20Decemb

er%202019.pdf

https://www.strath.ac.uk/media/ps/its/its-software/Information_Security_Policy_version_1.pdf

https://www.strath.ac.uk/media/1newwebsite/documents/Strategic_Plan_2025.pdf

https://www.strath.ac.uk/studywithus/mobileapp/

5 | P a g e

Governance

Information Strategy Committee (ISC)

The Information Strategy Committee (ISC) reports to the Executive Team and is responsible

for all matters of corporate information strategy and for ensuring that the strategic direction

of all information resources is consistent with the University’s strategic ambitions. As such,

requests for additional Apps must be considered within the context of the institution’s wider

Information Strategy and in consultation with the Strathclyde mobile app team in

Collaboration Services. Business Cases must be submitted to the Digital Campus Sub

Committee (DCSC) in the first instance and to ISC as required.

Core Policies

Multi-Platform

All internal APP developments must provide a cross platform solution for Apple, Android and

Windows to ensure widening of access to communications to as wide a population as

possible. A Windows desktop option should be in place where possible, for the small

catchment of users without access to a device, who can access APP services on campus

machines.

Open Source Technology

Cutting-edge open-source mobile development frameworks e.g. Ionic and Cordova

are the

preferred current approach of the service, allowing the CS team to build on expertise from

wider Developer Communities. The team ensure they are keeping up with emerging

technologies in the ever-changing Javascript landscape. Well-supported technologies e.g.

React Native are recommended for rapid development and cross-platform deployment

across iOS, Android, and Windows 10 devices. A Windows desktop option should be in

place where possible, for the small catchment of users without access to a device, who can

access APP services on campus machines.

Web API server (Integration Hub)

The Mobile APP Service uses a web API Server, the University’s Integration Hub, to

facilitate integrations. This provides opportunities to present data from a number of different

systems from Timetabling to the Virtual Learning Environment. All APP development that

requires Corporate, Staff and Student Data must be provided via the Corporate Integration

Hub and approved by data custodians.

Evaluation & Standards

All Apps associated with the University of Strathclyde should enhance our reputation as a

leading technological university. Further, they must comply with the authentication,

development, testing and release standards expected of all applications permitted on the

University network. Infrastructure and software application industry standards and

Information Security principles must be observed. The App service is in the process of

moving to compliance with Government Accessibility Standards

across all products and

services.

https://ionicframework.com/

https://www.gov.uk/guidance/accessibility-requirements-for-public-sector-websites-and-apps#accessibility-standards

6 | P a g e

User Policies

The Mobile APP Service follows an Ecosystem of APPs approach; all APPs are managed as

a collaborative offering, with the Corporate Strathclyde APP and Integration Hub at the

centre.

In House Builds

The Mobile APP Service manages all requests for new developments with priorities

identified by the Agile Planning Group and delivery scheduled in the context of wider

resource planning within the Business Systems area. The Digital Content & Strategy Group

also consider new requests within the context of the University level provision of digital

content and student experience agendas. Where significant development resource is

required, a Digital Campus Sub-Committee business case is required. Please contact

strathapp-dev@strath.ac.uk for App advice and the IS Programme Management Office

informationstrate[email protected].uk for Digital Campus and business case support.

Enterprise & Template APPs

Enterprise or Template APPs designed to interface or integrate with other applications within

the University and requiring deployment across University networks, must meet strict

requirements for security, quality and administration management. They must use University

central data and the University’s standard authentication methods. User access should also

where possible be through the main Corporate Strathclyde App. Marketing of Apps, including

App store download instructions, must enhance our reputation as a Leading Technological

University and align with wider Corporate Branding and the current App Service offering

already in place for the University of Strathclyde.

Third Party

All new requests for Apps must be made to the Digital Campus Sub-Committee (DCSC) with

an accompanying business case, detailing resource ask and associated additional costs.

Such requests are also subject to ethics approval, data sharing agreements, data security

assessment and impact on existing Mobile APP Service. Please contact strathapp-

[email protected]k for advice.

Management Policies

APP Store Licenses and access

All official University Store Accounts (Apple, Google, Play) are administered and managed

by Collaboration Services; including responsibility for terms and conditions, account

management, security and GDPR for mobile releases on all platforms (IOS, Android,

Windows). Only in-house University apps are hosted under the University owned store

accounts. Third party apps should be provided under the suppliers’ own app store accounts

or available to download from their Web site.

Marketing and Branding

This policy and service aligns with the wider Brand & Design Principles of the University and

the emerging Digital Brand. Advice on the application of this is available from the Digital

Brand team. Please contact Strathapp-dev@strath.ac.uk in the first instance.

7 | P a g e

Cyber Security

The University’s Cyber Security team provides advice on how to protect the confidential

information we store on our mobile devices

. Their portability also means they are more

likely to be lost, damaged or stolen. The Mobile APP Service operates within the guidelines

of the Information Security Policy on all Cyber Security matters.

Data Protection and GDPR

The Mobile APP Service observes University guidance on GDPR

and aligns with Data

Protection Policy V4.0

Procurement

All new requests for Apps must follow University procurement Guidance

Review Process

Last Approved by ISC - November 2020

To be reviewed - November 2021

Appendix

Terms of Reference

Recognised Term

Our Definition

In-house Build Apps

Mobile Apps built by our own staff on our own platforms

Progressive Web Apps

Websites that are progressively enhanced to function like native apps

on supporting platforms, combining the best of the web and native

apps.

Template Apps

A pre-built app with customisation options e.g. edit text, images,

logos

Enterprise Apps

App platforms that assist and manage enterprise level functionalities

for organisations - usually deployed in an organisation by their in-

house IT department but built by some external application developer

organisation

Third party Apps

Specific products developed to be used either as an open source or as

a commercial product by an organisation outside of University of

Strathclyde

https://www.strath.ac.uk/professionalservices/is/cybersecurity/mobiledevices/

https://www.strath.ac.uk/professionalservices/dataprotection/

https://www.strath.ac.uk/media/ps/strategyandpolicy/DP_Policy.pdf

https://www.strath.ac.uk/procurement/procurementguidance/