Wednesday 11/19 CST 481/598 x.2
Policies
• Broad overview of policy material
• What is a “process”
• Tiers (not tears)
Many thanks to Jeni Li
Why have policies?
• Guide employee behavior
• Enable accountability measures
• Manage expectations (to an extent)
• Ensure self-regulation
• Protect information
• Protect the company
Terminology and structure
• Policy
  • High-level, brief
  • General requirements on a specified subject area
  • Tier 1, 2, 3
• Standards
  • Mandatory requirements that support individual policies
• Procedures
  • Mandatory, step-by-step actions to complete a task
• Guidelines
  • Recommendations (not mandatory) to enable policy compliance
  • May provide a framework to implement procedures
Tier 1: Global policies
• Overall vision
• Address organizationwide issues
• Fairly broad, brief, and general
• Usually developed or approved by committee
• Require little modification over time
• Examples
  • Records management
  • Corporate communications
  • Business continuity planning
Tier 1: Global policies
• Components
  • Topic with “Hook”
  • Scope
  • Responsibilities
  • Compliance and Consequences
Tier 2: Topic-specific policies
• Specific topic or department
• Address single issues of current relevance
• Usually issued by a single senior official
• Require more frequent updates
• Examples
  • Electronic mail
  • Workstation security
  • Data access control
Tier 2: Topic-specific policies
• Components
  • Thesis statement
    • What the policy addresses and why it exists
  • Relevance
    • Where, how, when, and to whom it applies
  • Responsibilities
  • Compliance
    • May be more specific than Tier 1
  • Supplementary information
    • Metadata; e.g., contact, ownership, revision dates
Tier 3: Application-specific policies
• Specific application, function, or system
• May be issued by the system owner
• Should derive from mission objectives
• Business and application mission objectives
• Proactive, not reactive
• Format is more variable
• Examples
  • Payroll and time submission
  • Web application server access
Good policies are…
• Easy to understand
• Visible
• Applicable
• Do-able
• Enforceable
• Phased in on introduction
• Proactive
• Diplomatic (avoid absolutes)
• Supportive of the business objectives
When writing policies…
• See if you can just change an existing one
• Address the business objectives
• Use the business language
• Use the existing policy format
• Write it well
• Be succinct
• Grammar and spelling matter
• Be realistic (balance protection with productivity)
• Consider the audience
• Sell before and train after
Standards and procedures
• Policies state goals in broad terms
• Standards define what to do in specific terms
• Procedures tell how to meet the standards
Standards
• Standards should
  • Have management support
  • Be reasonable, flexible, and current
  • Be practical and applicable
  • Be reviewed and updated regularly
  • Ensure adherence to externally imposed standards
Procedures
• Procedures should
  • Fulfill a real need
    • Does the task have to be completed in a specific manner?
  • Identify the target audience
  • Describe the task
    • Its purpose, scope, and goals
    • Any prerequisites to beginning the task
  • Describe the expected outcome
Procedures
• Some possible components
  • Title
  • Intent
  • Scope
  • Responsibilities
  • Sequence of events
  • Approvals
  • Prerequisites
  • Definitions
  • Equipment required
  • Warnings
  • Precautions
  • Procedure body (the actual steps)
Procedures, Standards, & Policies
• Formats vary
• Content, depth and specificity/generality