Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
-
Upload
harumhr2000 -
Category
Documents
-
view
215 -
download
0
description
Transcript of Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 1/12
Practical IT Research that Drives
Measurable Results
Control the Policy Management Lifecycle
1Info-Tech Research Group
7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 2/12
Executive Summary
Info-Tech Research Group 2
• Highlight here your organi!ation nee"s IT policy impro#ements $y
assessing hat you ha#e an" here gaps e%ist&• 'on(t start from scratch& Tailor Info-Tech(s li$rary of policies to your
nee"s&
) *se Info-Tech(s li$rary as a starter set an" sa#e #alua$le time&
) 'on(t "e#elop a policy here a process or proce"ure is su+cient&
) Tune Info-Tech(s samples for your organi!ation to esta$lish clear
purpose an" a#oi" misinterpretation
) Promote an" communicate your policies to esta$lish aarenessan" then commitment&
• To $e e,ecti#e policies must $e enforce". otherise your time an"e,ort ill $e aste"&
) /lmost 0 of organi!ations ha#e poor IT policy a"herence ithsho""y enforcement the $iggest culprit&
) Poor enforcement lea"s to titanic legal 3nancial an" ethical ris4sfor the enterprise&
) 5,ecti#e policy enforcement "eman"s trac4ing an" reporting ofpolicy #iolations&
7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 3/12
Info-Tech Research Group 6
• List your IT policies an" assess the 7uality ofeach& – 8or e%ample many enterprises ha#e
policies for passor"s $ut o#erloo4policies that ill control costs an" trac4information assets&
• I"entify here ne policies are nee"e" ore%isting ones nee" impro#ement to "etermineho much or4 ill $e nee"e"&
• Prioriti!e e,orts to focus on the most importantimpro#ements& – 8ocus on policies that a""ress the most
serious $usiness #ulnera$ilities&• Policy impro#ement "oes not en" ith a ne
policy "ocument& 9e sure to plan for thecommunications training process changes
an" technology impro#ements nee"e" to ma4ethe policy fair an" enforcea$le& – If appropriate ris4 management steps are
not ta4en the time an" money re7uire" toma4e amen"s after the fact ill $esigni3cant&
/pply the :Policy /ssessment Tool;<
Highlight Where Your Enterprise Needs Policy Improvements by
Assessing What You Have and Where Gaps Exist
7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 4/12
Info-Tech Research Group =
• /pplication Management
• >er#er Management
• >ecurity
•
/sset Management• Help 'es4 Management
• Technology /ccepta$le *se
Info-Tech(s 21 e"ita$le sample policies ill
help focus policy "e#elopment in thefolloing IT management areas<
on!t Start "rom Scratch# $everage Sample Policies to %og Your
&emory and Save 'aluable evelopment (ime
Info-Tech Insight:
The three most popular Info-Tech policy templates in this collection, based on download frequency, are the Internet, E-mail & Messaging, and Mobile Device cceptable !se "olicies#
7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 5/12
Policies and Procedures Are Not the Same (hing ) (rying to Write
*ne When You Should +e Writing the *ther Is a Waste
Info-Tech Research Group ?
Policy Procedure
Purpose Prescripti#e @ general rulesman"ates an" "irecti#es
'escripti#e @ "etaile"instructions an" ho-to(s
>cope 9roa" @ applies to a"epartment or entireorgani!ation
Aarro @ applies only to thoseho must complete speci3ctas4s
>helf life Long term @ a persistent"ocument that(s rarelychange"
>hort term @ a "ynamic"ocument that(s change" asre7uire"
Compliance Aot optional @ must $e
enforce"
Bptional @ may or may not $e
enforce"
7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 6/12
Info-Tech Research Group 0
• Purpose• 5%ceptions
• Conse7uences
• Glossary of terms
5#ery policy shoul" "escri$e its<
Policies ,ith -lear Purpose and Precise Presentation rive
-ompliance because (hey Eliminate &isinterpretation
Info-Tech$s detailed % IT "olicy Development Tool offers best practices, requirementsgathering guidelines, and writing and communications templates to help you plan anddraft policies#
Info-Tech Tool
/lso #ie the Info-Tech #i"eo :riting 5,ecti#e IT Policies; formore riting fun"amentals&
5#ery policy shoul" $e
ritten<• *sing e#ery"ay language
• In a "irect acti#e #oice
• Precisely to a#oi" misinterpretation
• Realistically
• Consistently in 4eeping ithstan"ar"s
7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 7/12
(o &itigate Shoddy Policy En"orcement. Establish the /ight
Support In"rastructure# $eadership. Process. &onitoring
Info-Tech Research Group D
7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 8/12
Info-Tech Research Group E
• Policy failure is not alays "ue to$a" user $eha#ior&
• Policies fail $ecause< – The policy is poorly ritten& –
The policy is not enforce"& – The policy is illegal or
unethical& – The policy is poorly
communicate"& – The policy opposes company
culture&
A Policy Is a Good Per"ormer i" People Adhere to It ) &onitor Its
(rac0 /ecord *ver (ime and &a0e /e1uired Ad2ustments
*se the Info-Tech :IT Policy 5nforcement Trac4ing Tool; hich inclu"es a Fiolation Logan" Policy Performance Report or4sheet&
Policies ha#e to performagainst stan"ar"s ust li4epeople processes an"technologies&
Info-Tech Insight:
IT policy compliance isn$t driven by greater IT control# In reality, it is end-to-end businessinvolvement that really ma'es the difference#
7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 9/12
Info-Tech Research Group
• / "etaile" step-$y-step planensures that no critical stages areleft out&
• This tool is particularly useful if< – ou nee" to o#erhaul the entire
policy portfolio& – ou nee" to implement one or
more $ran" ne policies& – /men"ments of e%isting
policies ill ha#e a high impacton people processes or
technologies& – Rele#ant policies are "ri#en $y
legal or regulatory man"atesan" thus are su$ect to au"it&
*ver,helmed3 An *verarching Wor0 Plan Will 4eep Your Head
"rom Spinning When /iding the Policy &anagement $i"ecycle
The Info-Tech :IT Policy Lifecycleor4 Plan; pro#i"es a completelist of the "etaile" an" iterati#esteps of managing IT policiesthroughout their lifecycle&
7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 10/12
Additional (ools and Insight Included in -omplete /eport
• 4ic0o"" &eeting (emplate. Wee0ly &eeting (emplate . &eeting 5ollo, 6p (emplate.
&ilestone /eport (emplate
• -ommunicating 4ey &essages Will Help 6sers Internali7e What a Policy Is About and
Why It!s Important
• A Poorly En"orced Policy -reates (itanic $egal. 5inancial and Ethical /is0s "or the
Enterprise
• E""ective Policy En"orcement emands Its *,n Set o" +ac08end ocuments (hat
-over the /ules o" Engagement
• (ools not included#
• I( Policy En"orcement Process (ool Policy Assessment (ool
• Policy Samples $ist
• Policy evelopment (ool
• Policy En"orcement Process (ool
• Policy En"orcement (rac0ing (ool
• Policy $i"ecycle Wor0 Plan
Info-Tech Research Group 1
7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 11/12
Info-Tech Research Group 11
In"o8(ech Helps Pro"essionals (o#
9: ;uic0ly get up to speed
,ith ne, technologies
<: &a0e the right technology
purchasing decision ) "ast
=: eliver critical I(
pro2ects. on time and
,ithin budget
>: &anage business expectations
?: %usti"y I( spending and
prove the value o" I(
@: (rain I( sta"" and e""ectively
manage an I( department
In"o8(ech helps me to be proactive instead o"
reactive ) a cardinal rule in a stable and leading
edge I( environment:B
8 A/-S -ommercial &ortgage -o:. $P
Sign up "or a "ree trial to get practical
solutions to your I( challenges:
Sign up "or a "ree trial
,,,:in"otech:com
98CCC8@D8CCCF
7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample
http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 12/12
Appendix# (ools
Info-Tech Research Group 12
• IT Policy /ssessment Tool
• IT Policy >amples List• IT Policy 'e#elopment Tool
• IT Policy 5nforcement Process Tool
• IT Policy 5nforcement Trac4ing Tool
• IT Policy Lifecycle or4 Plan