IT Policy and Procedure Manual, Papers of Information Systems

The information technology policy shall be developed to attain the following objectives. 3.1 To make information technology accessible to the general public and increase employment through this means. 3.2 To build a knowledge-based society. 3.3 To establish knowledge-based industries.

Typology: Papers

2019/2020

Uploaded on 07/17/2020

jiiar0121
jiiar0121 🇵🇭

1 document

1 / 33

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Information Technology Policy and Procedure
Manual Template
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21

Partial preview of the text

Download IT Policy and Procedure Manual and more Papers Information Systems in PDF only on Docsity!

Information Technology Policy and Procedure

Manual Template

Page ii of iii

How to complete this template

Designed to be customized

This template for an IT policy and procedures manual is made up of example topics. You can customize these if you wish, for example, by adding or removing topics.

To complete the template:

  1. Guidance text appears throughout the document, marked by the word Guidance. Where you see a guidance note, read and then delete it. Guidance has been added to help you complete the template and should not appear in your final version.
  2. Using Word's Replace function, search for {Municipality Name} and replace with your company name.

a) In Word's Home ribbon, open the Find and Replace tool, choose Replace to open the Find and Replace tool. The Find and Replace dialog opens with the Replace tab selected.

b) Enter {Municipality Name} in the Find what field.

c) Enter your company name in the Replace with field.

d) Click Replace All

  1. Replace {items in curly brackets} with your own wording.
  2. Where you see a reference to other policies, insert a link to another example policy that applies in your institution

Information Technology

Policy and Procedure Manual

  • Information Technology Policy and Procedure Manual Table of Contents
  • Introduction
  • Technology Hardware Purchasing Policy
    • Purpose of the Policy
    • Procedures........................................................................................................................................
  • Policy for Getting Software
    • Purpose of the Policy
    • Procedures........................................................................................................................................
  • Policy for Use of Software
    • Purpose of the Policy
    • Procedures......................................................................................................................................
  • Bring Your Own Device Policy.........................................................................................................
    • Purpose of the Policy
    • Procedures......................................................................................................................................
  • Information Technology Security Policy
    • Purpose of the Policy
    • Procedures......................................................................................................................................
  • Information Technology Administration Policy................................................................................
    • Purpose of the Policy
    • Procedures......................................................................................................................................
  • Website Policy
    • Purpose of the Policy
    • Procedures......................................................................................................................................
  • Electronic Transactions Policy
    • Purpose of the Policy
    • Procedures......................................................................................................................................
  • IT Service Agreements Policy
    • Purpose of the Policy
    • Procedures......................................................................................................................................
  • Emergency Management of Information Technology.......................................................................
    • Purpose of the Policy
    • Procedures......................................................................................................................................

Technology Hardware Purchasing Policy

Policy Number: {insert unique number}

Policy Date: {insert date of policy}

Guidance: This policy should be read and carried out by all staff. Edit this policy so it suits your needs.

Computer hardware refers to the physical parts of a computer and related devices. Internal hardware devices include motherboards, hard drives, and RAM. External hardware devices include monitors, keyboards, mice, printers, and scanners.

Purpose of the Policy

This policy provides guidelines for the purchase of hardware for the institution to ensure that all hardware technology for the institution is appropriate, value for money and where applicable integrates with other technology for the institution. The objective of this policy is to ensure that there is minimum diversity of hardware within the institution.

Procedures

Purchase of Hardware Guidance: The purchase of all desktops, servers, portable computers, computer peripherals and mobile devices must adhere to this policy. Edit this statement to cover the relevant technology needed.

Purchasing desktop computer systems

The desktop computer systems purchased must run a {insert relevant operating system here e.g. Windows} and integrate with existing hardware { insert names of existing technology such as the institution server}.

The desktop computer systems must be purchased as standard desktop system bundle and must be {insert manufacturer type here, such as HP, Dell, Acer etc.}.

The desktop computer system bundle must include:

Desktop tower

Desktop screen of {insert screen size here}

 Keyboard and mouse You may like to consider stating if these are to be wireless

 {insert name of operating system, e.g. Windows 7, and software e.g. Office 2013 here}

 {insert other items here, such as speakers, microphone, webcam, printers etc.}

The minimum capacity of the desktop must be:

 {insert speed of computer size (GHz -gigahertz)here}

 {insert memory (RAM) size here}

 {insert number of USB ports here}

 {insert other specifications for desktop here, such as DVD drive, microphone port, etc.}

Any change from the above requirements must be authorised by {insert relevant job title here}

All purchases of desktops must be supported by{insert guarantee and/or warranty requirements here} and be compatible with the institution’s server system.

All purchases for desktops must be in line with the purchasing policy in the Financial policies and procedures manual.

Purchasing portable computer systems

The purchase of portable computer systems includes {insert names of portable devices here, such as notebooks, laptops, tablets etc.}

Portable computer systems purchased must run a {insert relevant operating system here e.g. Windows} and integrate with existing hardware { insert names of existing technology such as the institution server}.

The portable computer systems purchased must be {insert manufacturer type here, such as HP, Dell, Acer, etc.}.

The minimum capacity of the portable computer system must be:

 {insert speed of computer size (GHz -gigahertz)here}

 {insert memory (RAM) size here}

Computer peripherals can only be purchased where they are not included in any hardware purchase or are considered to be an additional requirement to existing peripherals.

Computer peripherals purchased must be compatible with all other computer hardware and software in the institution.

The purchase of computer peripherals can only be authorised by {insert relevant job title here, recommended IT specialist or department manager}.

All purchases of computer peripherals must be supported by{insert guarantee and/or warranty requirements here} and be compatible with the institution’s other hardware and software systems.

Any change from the above requirements must be authorised by {insert relevant job title here}

All purchases for computer peripherals must be in line with the purchasing policy in the Financial policies and procedures manual.

Purchasing mobile telephones

A mobile phone will only be purchased once the eligibility criteria is met. Refer to the Mobile Phone Usage policy in this document.

The purchase of a mobile phone must be from {insert names authorised suppliers here, such as Telstra etc.} to ensure the institution takes advantage of volume pricing based discounts provided by {insert names authorised suppliers here, such as Telstra etc.}. Such discounts should include the purchase of the phone, the phone call and internet charges etc.

The mobile phone must be compatible with the institution’s current hardware and software systems.

The mobile phone purchased must be {insert manufacturer type here, such as IPhone, Blackberry, Samsung, etc.}.

The request for accessories (a hands-free kit etc.) must be included as part of the initial request for a phone.

The purchase of a mobile phone must be approved by {insert relevant job title here} prior to purchase.

Any change from the above requirements must be authorised by {insert relevant job title here}

All purchases of all mobile phones must be supported by{insert guarantee and/or warranty requirements here}.

All purchases for mobile phones must be in line with the purchasing policy in the Financial policies and procedures manual.

Additional Policies for Purchasing Hardware Guidance: add, link or remove the policies listed below as required.

Purchasing Policy

Mobile phone policy

Obtaining open source or freeware software

Open source or freeware software can be obtained without payment and usually downloaded directly from the internet.

In the event that open source or freeware software is required, approval from {insert relevant job title here} must be obtained prior to the download or use of such software.

All open source or freeware must be compatible with the institution’s hardware and software systems.

Any change from the above requirements must be authorised by {insert relevant job title here}

Additional Policies for Obtaining Software Guidance: add, link or remove the policies listed below as required.

Purchasing Policy

Use of Software policy

Policy for Use of Software

Policy Number: {insert unique number}

Policy Date: {insert date of policy}

Guidance: This policy should be read and carried out by all staff. Edit this policy so it suits your needs.

Purpose of the Policy

This policy provides guidelines for the use of software for all employees within the institution to ensure that all software use is appropriate. Under this policy, the use of all open source and freeware software will be conducted under the same procedures outlined for commercial software.

Procedures........................................................................................................................................

Software Licensing

All computer software copyrights and terms of all software licences will be followed by all employees of the institution.

Where licensing states limited usage (i.e. number of computers or users etc.), then it is the responsibility of {insert relevant job title here} to ensure these terms are followed.

{insert relevant job title here} is responsible for completing a software audit of all hardware twice a year to ensure that software copyrights and licence agreements are adhered to.

Software Installation

All software must be appropriately registered with the supplier where this is a requirement.

{Municipality Name} is to be the registered owner of all software.

Only software obtained in accordance with the getting software policy is to be installed on the institution’s computers.

All software installation is to be carried out by {insert relevant job title here}

Breach of Policy

Where there is a breach of this policy by an employee, that employee will be referred to {insert relevant job title here} for {insert consequence here, such as further consultation, reprimand action etc.}

Where an employee is aware of a breach of the use of software in accordance with this policy, they are obliged to notify {insert relevant job title here} immediately. In the event that the breach is not reported and it is determined that an employee failed to report the breach, then that employee will be referred to {insert relevant job title here} for {insert consequence here, such as further consultation, reprimand action etc.}

Additional Policies for Use of Software Guidance: add, link or remove the policies listed below as required.

Technology Hardware Policy

Obtaining Software policy

Bring Your Own Device Policy

Policy Number: {insert unique number}

Policy Date: {insert date of policy}

Guidance: Edit this policy so it suits your needs.

At {Municipality Name} we acknowledge the importance of mobile technologies in improving institution communication and productivity. In addition to the increased use of mobile devices, staff members have requested the option of connecting their own mobile devices to {Municipality Name}'s network and equipment. We encourage you to read this document in full and to act upon the recommendations. This policy should be read and carried out by all staff.

Purpose of the Policy

This policy provides guidelines for the use of personally owned notebooks, smart phones, tablets and {insert other types of mobile devices} for institution purposes. All staff who use or access {Municipality Name}'s technology equipment and/or services are bound by the conditions of this Policy.

Procedures

Current mobile devices approved for institution use

The following personally owned mobile devices are approved to be used for institution purposes:

 {insert type of approved mobile devices such as notebooks, smart phones, tablets, iPhone, removable media etc.}

 {insert type of approved mobile devices such as notebooks, smart phones, tablets, iPhone, removable media etc.}

 {insert type of approved mobile devices such as smart phones, tablets, iPhone etc.}

 {insert type of approved mobile devices such as notebooks, smart phones, tablets, iPhone, removable media etc.}.

 Not to share the device with other individuals to protect the institution data access through the device

 To abide by {Municipality Name}'s internet policy for appropriate use and access of internet sites etc.

 To notify {Municipality Name} immediately in the event of loss or theft of the registered device

 Not to connect USB memory sticks from an untrusted or unknown source to {Municipality Name}'s equipment.

All employees who have a registered personal mobile device for institution use acknowledge that the institution:

 Owns all intellectual property created on the device  Can access all data held on the device, including personal data  Will regularly back-up data held on the device  Will delete all data held on the device in the event of loss or theft of the device  Has first right to buy the device where the employee wants to sell the device  Will delete all data held on the device upon termination of the employee. The terminated employee can request personal data be reinstated from back up data  Has the right to deregister the device for institution use at any time.

Keeping mobile devices secure

The following must be observed when handling mobile computing devices (such as notebooks and iPads):

 Mobile computer devices must never be left unattended in a public place, or in an unlocked house, or in a motor vehicle, even if it is locked. Wherever possible they should be kept on the person or securely locked away

 Cable locking devices should also be considered for use with laptop computers in public places, e.g. in a seminar or conference, even when the laptop is attended

 Mobile devices should be carried as hand luggage when travelling by aircraft.

Exemptions

This policy is mandatory unless {insert relevant job title or department here} grants an exemption. Any requests for exemptions from any of these directives, should be referred to the {insert relevant job title or department here}.

Breach of this policy

Any breach of this policy will be referred to {insert relevant job title} who will review the breach and determine adequate consequences, which can include { insert consequences here such as confiscation of the device and or termination of employment.}

Indemnity

{Municipality Name} bears no responsibility whatsoever for any legal action threatened or started due to conduct and activities of staff in accessing or using these resources or facilities. All staff indemnify {Municipality Name} against any and all damages, costs and expenses suffered by {Municipality Name} arising out of any unlawful or improper conduct and activity, and in respect of any action, settlement or compromise, or any statutory infringement. Legal prosecution following a breach of these conditions may result independently from any action by {Municipality Name}.

Additional Policies for Institution Mobile Phone Use Guidance: add, link or remove the policies listed below as required.

Technology Hardware Purchasing Policy

Use of Software policy

Purchasing Policy