3.5 ICT Policies


Published on

Teacher presentation on unit 3.5 ICT Policies

Published in: Education
1 Comment
  • There's nothing in this presentation on ACCEPTABLE USE. Beware diligent copiers!
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

3.5 ICT Policies

  1. 1. 3.5 ICT Policies
  2. 3. <ul><li>Using the document I have provided you with answer these questions: </li></ul><ul><ul><li>What does an IT Policy do? </li></ul></ul><ul><ul><li>You could say that the IT Policy is divided in to two main sections, what are they? </li></ul></ul><ul><ul><li>What security issues are covered in the IT Policy? </li></ul></ul><ul><ul><li>According to this policy when will all the training take place? </li></ul></ul><ul><ul><li>Do you think training should take place at other times also and if so when? </li></ul></ul><ul><ul><li>What is a TNA? </li></ul></ul><ul><ul><li>Why are legal legislations mentioned in this policy? </li></ul></ul><ul><ul><li>In your opinion is this is a thorough ICT Policy? </li></ul></ul><ul><ul><li>What might you ad to the policy? </li></ul></ul><ul><li>Highlight what you believe to be the most important parts of this policy </li></ul>
  3. 4. <ul><li>ICT policies outline how the ICT Strategy will be put into operation </li></ul><ul><li>ICT policies will tend to cover: </li></ul><ul><ul><li>Training </li></ul></ul><ul><ul><li>Security </li></ul></ul><ul><ul><li>Procurement </li></ul></ul><ul><li>It is important that policies are reviewed regularly to ensure that they still meet the objectives of the organisation </li></ul>
  4. 5. <ul><li>Many policies will be written into the employee’s contract of employment. </li></ul><ul><li>It will outline these policies and by signing the contract the employee is signing a legal agreement to comply with the policies. </li></ul><ul><li>The contract of employment will be backed up by disciplinary procedures </li></ul>
  5. 6. <ul><li>What would you do if you were in charge of writing this policy? </li></ul><ul><ul><li>What would it cover? </li></ul></ul><ul><ul><li>How would you conduct the training? </li></ul></ul><ul><ul><li>When would you conduct the training? </li></ul></ul><ul><ul><li>Who monitors the training? </li></ul></ul>
  6. 7. <ul><li>An ICT Training Policy will include a statement of who needs to be trained, what training they need and how this training will be delivered. </li></ul>
  7. 8. <ul><li>What would you do if you were in charge of writing this policy? </li></ul><ul><ul><li>What would it cover? </li></ul></ul><ul><ul><ul><li>Who needs to be trained </li></ul></ul></ul><ul><ul><ul><li>Training needs for specific jobs </li></ul></ul></ul><ul><ul><ul><li>What type of training to be used (e-learning, in-house, external courses, guest speakers etc.) </li></ul></ul></ul><ul><ul><ul><li>Funding </li></ul></ul></ul><ul><ul><li>How would you conduct the training? </li></ul></ul><ul><ul><ul><li>Find out staff abilities (skills audit) </li></ul></ul></ul><ul><ul><ul><li>Weigh up in-house vs external training </li></ul></ul></ul><ul><ul><li>When would you conduct the training? </li></ul></ul><ul><ul><ul><li>During Inductions (When someone new starts) </li></ul></ul></ul><ul><ul><ul><li>When new hardware or software are introduced </li></ul></ul></ul><ul><ul><ul><li>When/if new legislations are introduced </li></ul></ul></ul><ul><ul><ul><li>New ventures within an organisation may generate training </li></ul></ul></ul><ul><ul><ul><li>After appraisals </li></ul></ul></ul><ul><ul><ul><li>As ongoing CPD </li></ul></ul></ul><ul><ul><li>Who monitors the training </li></ul></ul><ul><ul><ul><li>HR Department </li></ul></ul></ul>
  8. 9. <ul><li>You have been asked to write the ICT Training Policy </li></ul><ul><li>Give an overview of 8-10 aspects it will cover </li></ul><ul><ul><li>Review the ICT skills gap for the organisation </li></ul></ul><ul><ul><li>Build in time for an employee to consolidate newly acquired skills </li></ul></ul>
  9. 10. <ul><li>You have been asked to write the ICT Training Policy </li></ul><ul><li>Give an overview of 8-10 aspects it will cover </li></ul><ul><ul><li>Review the ICT skills gap for the organisation </li></ul></ul><ul><ul><li>Review individuals training needs </li></ul></ul><ul><ul><li>Encourage an atmosphere of on-going ICT learning </li></ul></ul><ul><ul><li>Build in time for an employee to consolidate newly acquired skills </li></ul></ul><ul><ul><li>Ensure training individual staff benefits all by asking them to pass on information </li></ul></ul><ul><ul><li>Consider training costs </li></ul></ul><ul><ul><li>Ensure during induction training is given </li></ul></ul><ul><ul><li>Take immediate steps to replace any valuable ICT skills of leaving staff </li></ul></ul>
  10. 11. <ul><li>Covers how an organisation intends to protect it’s assets </li></ul><ul><li>Should lay down procedures that employees must follow in order to protect its data and equipment from theft, misuse and unauthorised access </li></ul><ul><li>Organisations have the responsibility to maintain security measures so that they meet the requirements of the law </li></ul><ul><li>Should aim to cover the security and privacy of data </li></ul><ul><li>What’s the difference between security of data and privacy of data? </li></ul><ul><ul><li>Security – making sure the data is correct, kept confidential and safe </li></ul></ul><ul><ul><li>Privacy – ensuring the data is not seen or accessed by anyone who is not authorized to see it </li></ul></ul>
  11. 12. <ul><li>MUST </li></ul><ul><ul><li>Identify potential threats to data and manage these threats </li></ul></ul><ul><ul><li>Allocate responsibilities for data security </li></ul></ul><ul><ul><li>State what resources are needed to maintain security </li></ul></ul><ul><ul><li>Lay down staff responsibilities in the prevention of misuse </li></ul></ul><ul><ul><ul><li>Steps that should be taken to provide protection against viruses and physical security of computers </li></ul></ul></ul><ul><ul><li>Lay down disciplinary procedures for breaches of security </li></ul></ul>
  12. 13. <ul><li>A security policy will tend to have the following included: </li></ul><ul><ul><li>Introduction – states purpose of policy </li></ul></ul><ul><ul><li>Network Security – usernames and passwords (min/max length etc.) </li></ul></ul><ul><ul><li>Data Transfer – Internet usage, data encryption, firewalls </li></ul></ul><ul><ul><li>Change control and monitoring – security logs </li></ul></ul><ul><ul><li>Use of Laptops- rules on usage (personal/private), storage, etc. </li></ul></ul><ul><ul><li>Backup and Recovery – how backed up and recovered </li></ul></ul>
  13. 14. <ul><li>IT is then important that all staff within an organisation are made aware of the security policy </li></ul><ul><li>How can this be done? </li></ul><ul><ul><li>Induction </li></ul></ul><ul><ul><li>Training </li></ul></ul><ul><ul><li>Leaflets, fliers, posters </li></ul></ul><ul><ul><li>Bulletin boards (on company intranet) </li></ul></ul><ul><ul><li>Emails </li></ul></ul>
  14. 15. <ul><li>Covers ways in which ICT hardware and software is obtained </li></ul><ul><li>A centralised policy will </li></ul><ul><ul><li>ensure consistency and compatibility amongst all systems </li></ul></ul><ul><ul><li>Provide possible discounts for bulk buys </li></ul></ul><ul><ul><li>Reduce costs of all hardware and software maintenance and support if consistent </li></ul></ul>
  15. 16. <ul><li>A timescale for replacement of hardware should be included </li></ul><ul><li>Communication and consultation with all departments is important, departments should feel involved with the decision process so as to be aware and to take ownership. </li></ul><ul><li>Consider the flexibility of the hardware and software, can be upgraded if requirements change or grow? </li></ul>
  16. 17. <ul><li>Consistency in hardware is ideal e.g. same model and make of laptops, desktops etc. will simplify maintenance </li></ul><ul><li>Consistency in software is similar e.g. same operating systems, generic software applications etc. would insure a consistent look and feel, ease maintenance, training and support. </li></ul><ul><li>However, certain departments may require specialist software, communication is important again </li></ul>
  17. 18. <ul><li>May also cover disposal of unwanted or obsolete equipment </li></ul><ul><ul><li>Selling </li></ul></ul><ul><ul><li>Donating </li></ul></ul><ul><ul><li>Recycling </li></ul></ul>