Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample

7/21/2019 Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample

http://slidepdf.com/reader/full/policy-20management-1-201-201-control-the-policy-mgmt-lifecycle-sample 1/12

Practical IT Research that Drives

Measurable Results

Control the Policy Management Lifecycle

1Info-Tech Research Group



Executive Summary

Info-Tech Research Group 2

• Highlight here your organi!ation nee"s IT policy impro#ements $y

assessing hat you ha#e an" here gaps e%ist&• 'on(t start from scratch& Tailor Info-Tech(s li$rary of policies to your

nee"s&

) *se Info-Tech(s li$rary as a starter set an" sa#e #alua$le time&

) 'on(t "e#elop a policy here a process or proce"ure is su+cient&

) Tune Info-Tech(s samples for your organi!ation to esta$lish clear

purpose an" a#oi" misinterpretation

) Promote an" communicate your policies to esta$lish aarenessan" then commitment&

• To $e e,ecti#e policies must $e enforce". otherise your time an"e,ort ill $e aste"&

) /lmost 0 of organi!ations ha#e poor IT policy a"herence ithsho""y enforcement the $iggest culprit&

) Poor enforcement lea"s to titanic legal 3nancial an" ethical ris4sfor the enterprise&

) 5,ecti#e policy enforcement "eman"s trac4ing an" reporting ofpolicy #iolations&




• List your IT policies an" assess the 7uality ofeach& – 8or e%ample many enterprises ha#e

policies for passor"s $ut o#erloo4policies that ill control costs an" trac4information assets&

• I"entify here ne policies are nee"e" ore%isting ones nee" impro#ement to "etermineho much or4 ill $e nee"e"&

• Prioriti!e e,orts to focus on the most importantimpro#ements& – 8ocus on policies that a""ress the most

serious $usiness #ulnera$ilities&• Policy impro#ement "oes not en" ith a ne

policy "ocument& 9e sure to plan for thecommunications training process changes

an" technology impro#ements nee"e" to ma4ethe policy fair an" enforcea$le& – If appropriate ris4 management steps are

not ta4en the time an" money re7uire" toma4e amen"s after the fact ill $esigni3cant&

/pply the :Policy /ssessment Tool;<

Highlight Where Your Enterprise Needs Policy Improvements by

Assessing What You Have and Where Gaps Exist

http://www.infotech.com/research/it-policy-assessment-tool

http://www.infotech.com/research/it-policy-assessment-tool



Info-Tech Research Group =

• /pplication Management

• >er#er Management

• >ecurity

•

/sset Management• Help 'es4 Management

• Technology /ccepta$le *se

Info-Tech(s 21 e"ita$le sample policies ill

help focus policy "e#elopment in thefolloing IT management areas<

on!t Start "rom Scratch# $everage Sample Policies to %og Your

&emory and Save 'aluable evelopment (ime

Info-Tech Insight:

The three most popular Info-Tech policy templates in this collection, based on download frequency, are the Internet, E-mail & Messaging, and Mobile Device cceptable !se "olicies#

http://www.infotech.com/research/it-policy-samples-list

http://www.infotech.com/research/it-policy-samples-list



Policies and Procedures Are Not the Same (hing ) (rying to Write

*ne When You Should +e Writing the *ther Is a Waste

Info-Tech Research Group ?

Policy Procedure

Purpose Prescripti#e @ general rulesman"ates an" "irecti#es

'escripti#e @ "etaile"instructions an" ho-to(s

>cope 9roa" @ applies to a"epartment or entireorgani!ation

Aarro @ applies only to thoseho must complete speci3ctas4s

>helf life Long term @ a persistent"ocument that(s rarelychange"

>hort term @ a "ynamic"ocument that(s change" asre7uire"

Compliance Aot optional @ must $e

enforce"

Bptional @ may or may not $e

enforce"




• Purpose• 5%ceptions

• Conse7uences

• Glossary of terms

5#ery policy shoul" "escri$e its<

Policies ,ith -lear Purpose and Precise Presentation rive

-ompliance because (hey Eliminate &isinterpretation

Info-Tech$s detailed % IT "olicy Development Tool offers best practices, requirementsgathering guidelines, and writing and communications templates to help you plan anddraft policies#

Info-Tech Tool

/lso #ie the Info-Tech #i"eo :riting 5,ecti#e IT Policies; formore riting fun"amentals&

5#ery policy shoul" $e

ritten<• *sing e#ery"ay language

• In a "irect acti#e #oice

• Precisely to a#oi" misinterpretation

• Realistically

• Consistently in 4eeping ithstan"ar"s

http://www.infotech.com/research/it-policy-development-tool


http://www.infotech.com/research/writing-effective-it-policies

http://www.infotech.com/research/writing-effective-it-policies





(o &itigate Shoddy Policy En"orcement. Establish the /ight

Support In"rastructure# $eadership. Process. &onitoring

Info-Tech Research Group D



Info-Tech Research Group E

• Policy failure is not alays "ue to$a" user $eha#ior&

• Policies fail $ecause< – The policy is poorly ritten& –

The policy is not enforce"& – The policy is illegal or

unethical& – The policy is poorly

communicate"& – The policy opposes company

culture&

A Policy Is a Good Per"ormer i" People Adhere to It ) &onitor Its

(rac0 /ecord *ver (ime and &a0e /e1uired Ad2ustments

*se the Info-Tech :IT Policy 5nforcement Trac4ing Tool; hich inclu"es a Fiolation Logan" Policy Performance Report or4sheet&

Policies ha#e to performagainst stan"ar"s ust li4epeople processes an"technologies&

Info-Tech Insight:

IT policy compliance isn$t driven by greater IT control# In reality, it is end-to-end businessinvolvement that really ma'es the difference#



Info-Tech Research Group

• / "etaile" step-$y-step planensures that no critical stages areleft out&

• This tool is particularly useful if< – ou nee" to o#erhaul the entire

policy portfolio& – ou nee" to implement one or

more $ran" ne policies& – /men"ments of e%isting

policies ill ha#e a high impacton people processes or

technologies& – Rele#ant policies are "ri#en $y

legal or regulatory man"atesan" thus are su$ect to au"it&

*ver,helmed3 An *verarching Wor0 Plan Will 4eep Your Head

"rom Spinning When /iding the Policy &anagement $i"ecycle

The Info-Tech :IT Policy Lifecycleor4 Plan; pro#i"es a completelist of the "etaile" an" iterati#esteps of managing IT policiesthroughout their lifecycle&



Additional (ools and Insight Included in -omplete /eport

• 4ic0o"" &eeting (emplate. Wee0ly &eeting (emplate . &eeting 5ollo, 6p (emplate.

&ilestone /eport (emplate

• -ommunicating 4ey &essages Will Help 6sers Internali7e What a Policy Is About and

Why It!s Important

• A Poorly En"orced Policy -reates (itanic $egal. 5inancial and Ethical /is0s "or the

Enterprise

• E""ective Policy En"orcement emands Its *,n Set o" +ac08end ocuments (hat

-over the /ules o" Engagement

• (ools not included#

• I( Policy En"orcement Process (ool Policy Assessment (ool

• Policy Samples $ist

• Policy evelopment (ool

• Policy En"orcement Process (ool

• Policy En"orcement (rac0ing (ool

• Policy $i"ecycle Wor0 Plan





In"o8(ech Helps Pro"essionals (o#

9: ;uic0ly get up to speed

,ith ne, technologies

<: &a0e the right technology

purchasing decision ) "ast

=: eliver critical I(

pro2ects. on time and

,ithin budget

>: &anage business expectations

?: %usti"y I( spending and

prove the value o" I(

@: (rain I( sta"" and e""ectively

manage an I( department

In"o8(ech helps me to be proactive instead o"

reactive ) a cardinal rule in a stable and leading

edge I( environment:B

8 A/-S -ommercial &ortgage -o:. $P

Sign up "or a "ree trial to get practical

solutions to your I( challenges:

Sign up "or a "ree trial

,,,:in"otech:com

98CCC8@D8CCCF



Appendix# (ools


• IT Policy /ssessment Tool

• IT Policy >amples List• IT Policy 'e#elopment Tool

• IT Policy 5nforcement Process Tool

• IT Policy 5nforcement Trac4ing Tool

• IT Policy Lifecycle or4 Plan

Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample

Documents

Transcript of Policy 20Management 1 201 201 Control the Policy Mgmt Lifecycle Sample