SlideShare a Scribd company logo

IT-POLICY-AND-PROCEDURES-1.0.EDU.part01.pdf

Edward Munir
Edward Munir

IT Policy & Procedures part 1 of 4

Leadership & Management
1 of 15
Download to read offline
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) INFORMATION TECHNOLOGY POLICY, PROCESS AND PROCEDURE TRAINING MATERIAL EDWARD MUNIR, CISA CDCP ITILF (edward.munir@gmail.com)
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) IT POLICY AND PROCEDURE OVERVIEW
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) WHAT ARE IT POLICY, PROCESS AND PROCEDURE Policies and procedures are critical governance tools in every enterprise. Where policies dictate the rules, procedures explain how these same rules are practically applied in real life. Taken as a collective, policies and procedures set expectations for behaviors and activities, as well as provide mechanisms to enforce these expectations. [INFOTECH] IT policies help organizations to properly articulate the organization’s desired behavior, mitigate risk and contribute to achieving the organization’s goals. [ISACA] POLICY: The set of basic principles and associated guidelines, formulated and enforced by the governing body of an organization, to direct and limit its actions in pursuit of long-term goals. PROCESS: Sequence of interdependent and linked procedures which, at every stage, consume one or more resources (employee time, energy, machines, money) to convert inputs (data, material, parts, etc.) into outputs. These outputs then serve as inputs for the next stage until a known goal or end result is reached. PROCEDURE: A fixed, step-by-step sequence of activities or course of action (with definite start and end points) that must be followed in the same order to correctly perform a task. Repetitive procedures are called routines. Businessdictionary.com
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) WHAT ARE IT POLICY, PROCESS AND PROCEDURE RECORDS All should be implemented and documented (auditable, traceable)
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) WHY WE NEED IT POLICY AND PROCEDURE
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) WHY WE NEED THEM Each service needs to have policies and procedures to help them guide the actions of all individuals involved in the service. INTERNAL CONTROL • Compliance • Operational Needs • Managing Risks • Continuous Improvement Standardized process → Managed process
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) WHY WE NEED THEM Related to Quality Management System (QMS) Functions-and-Processes-in-IT-Management-article-ITSM-Global-Best-Practice-Vol-1-2008
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) WHY WE NEED THEM Functions-and-Processes-in-IT-Management-article-ITSM-Global-Best-Practice-Vol-1-2008 Value to organization!
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) CHARACTERISTICS AND COMPONENTS
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) COMMON CHARACTERISTICS GOOD POLICIES  Policies are written in clear, concise, simple language.  Policy statements address what is the rule rather than how to implement the rule.  Designated “policy experts” (identified by title in each document) are readily available to interpret policies and resolve problems.  Policies represent a consistent, logical framework for operations.  Outcomes are clearly stated.  Assumptions are clear and explicit.  There is linkage to organisational direction.  Due process in the development stage has been observed.  Stakeholders have been included in the development.  Public interest has been given a high priority.  Organisational expectations have been met.  The policy is likely to be both efficient and effective.  Outcomes are stated in measurable terms.  There is a capacity to evaluate outcomes.  It has been appropriately funded and resource.  There is clear accountability.  It follows all appropriate laws.  It is enforceable.  It is historically informed.  Ideas have been tested prior to implementation. Article Source: http://EzineArticles.com/5562525
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) COMMON CHARACTERISTICS GOOD PROCEDURES  Procedures are tied to policies. Making explicit this relationship along with how the procedure helps the organization achieve its goals.  Procedures are developed with the customer/user in mind. Well developed and thought out procedures provide benefits to the procedure user.  There needs to be a sense of ownership among procedure users. For this reason, it helps to involve users in the development of campus procedures.  The procedures are understandable. Procedures should be written so that what needs to be done can be easily followed by all users. • Prosedur menunjang tercapainya hasil proses tujuan organisasi. • Memiliki standar hasil yang diharapkan secara terukur. • Terdapat PIC yang jelas pada tiap activities, dan sesuai RACI/RASCI yang ditetapkan. • Prosedur mampu menciptakan adanya pengawasan yang baik dan menggunakan biaya yang seoptimal mungkin. • Prosedur menunjukan urutan- urutan yang logis dan sederhana. Ada “start” s/d “finish” • Prosedur menunjukan adanya penetapan keputusan/hasil dan tanggung jawab.
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) COMMON COMPONENTS POLICY:  Appointment of individuals who have the authority to approve policies and their associated responsibilities  Determination of the consequences for failing to comply with given policies  Definition of a process for handling exceptions to policies  Definition of a method for measuring and monitoring compliance with policies  Definition of the scope of the policy and the group of stakeholders that has to follow the policy [ISACA] (RACI/RASCI matrix)
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) COMMON COMPONENTS Komponen Pendukung Prosedur:  Halaman judul. Ini meliputi 1) judul prosedur, 2) nomor identifikasi SOP, 3) tanggal diterbitkan atau revisi, 4) nama badan/divisi/cabang di mana SOP diterapkan, dan 5) tanda tangan mereka yang menyiapkan dan menyetujui SOP tersebut. Bagian ini dapat menggunakan format apa saja, selama informasi yang disampaikan jelas.  Daftar Isi. Ini hanya perlu jika SOP Anda cukup panjang, untuk memudahkan referensi. Yang akan Anda temukan di sini adalah kerangka standar sederhana.  Jaminan Kualitas/Kontrol Kualitas. Sebuah prosedur bukanlah prosedur yang baik jika tidak dapat diperiksa. Siapkan materi dan detail yang diperlukan sehingga pembaca dapat memastikan mereka memperoleh hasil yang diinginkan. Materi ini dapat meliputi dokumen-dokumen lain, misalnya seperti sampel evaluasi kinerja.  Referensi. Pastikan untuk menuliskan seluruh referensi yang digunakan atau yang penting. Jika Anda menggunakan referensi SOP lain, pastikan untuk melampirkan informasi yang diperlukan dalam lampiran.
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) COMMON COMPONENTS Komponen utama Prosedur:  Cakupan dan penerapan. Dengan kata lain, menggambarkan tujuan proses, batasan-batasannya, serta bagaimana proses ini digunakan. Meliputi standar, persyaratan regulasi, peran dan tanggung jawab, serta input dan output.  Metodologi dan prosedur. Inti permasalahannya -- buat daftar langkah-langkah dengan detail yang penting, termasuk perlengkapan yang diperlukan dan sesuai RACI/RASCI matrix. Cantumkan pula prosedur-prosedur yang berurutan serta faktor-faktor penentu keputusan. Kemukakan "pengandaian" dan kemungkinan adanya gangguan atau pertimbangan keselamatan.  Klarifikasi terminologi dan pengertian diagram. Jelaskan akronim, singkatan, dan seluruh frasa yang bukan merupakan istilah umum.  Peringatan kesehatan dan keselamatan. Untuk dituliskan dalam bagian terpisah dan bersama dengan langkah-langkah saat terjadi masalah. Jangan melewatkan bagian ini.  Perlengkapan dan persediaan yang digunakan. Daftar lengkap hal-hal yang dibutuhkan dan kapan serta di mana dapat menemukan perlengkapan, standar perlengkapan, dll.  Peringatan dan gangguan. Pada dasarnya, bagian troubleshooting. Cantumkan kemungkinan masalah yang dapat terjadi, apa yang harus diwaspadai, dan apa yang dapat mempengaruhi produk akhir yang ideal. Beri masing-masing topik ini bagiannya sendiri (umumnya dinyatakan dengan angka atau huruf) agar SOP Anda tidak mengandung kalimat-kalimat panjang yang membingungkan dan untuk memudahkan referensi. Ini bukanlah daftar lengkap, melainkan baru sebagian kecil langkah-langkah prosedural. Organisasi Anda dapat menyebutkan aspek-aspek lain yang membutuhkan perhatian.
E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) DISCUSSION SHARING EXPERIENCE Q & A THE END THANK YOU

Recommended

Value Summary 2.0 Overview
Value Summary 2.0 OverviewValue Summary 2.0 Overview
Value Summary 2.0 Overviewbpatterson888
 
Implementing IT Service Management: A Guide to Success
Implementing IT Service Management: A Guide to SuccessImplementing IT Service Management: A Guide to Success
Implementing IT Service Management: A Guide to SuccessDave Cornelius - Value Contributor-agility and innovation
 
Sdlc1
Sdlc1Sdlc1
Sdlc1Jithin Kottikkal
 
Unit Iii
Unit IiiUnit Iii
Unit IiiRam Dutt Shukla
 
CMMI
CMMICMMI
CMMIFáber D. Giraldo
 
Management systems
Management systemsManagement systems
Management systemsmelynch
 
Lean six sigma demystified webinar
Lean six sigma demystified webinarLean six sigma demystified webinar
Lean six sigma demystified webinarILX Group
 
System Development Life Cycle Essay
System Development Life Cycle EssaySystem Development Life Cycle Essay
System Development Life Cycle EssayPamela Wright
 

Recommended

Value Summary 2.0 Overview
Value Summary 2.0 OverviewValue Summary 2.0 Overview
Value Summary 2.0 Overviewbpatterson888
 
Implementing IT Service Management: A Guide to Success
Implementing IT Service Management: A Guide to SuccessImplementing IT Service Management: A Guide to Success
Implementing IT Service Management: A Guide to SuccessDave Cornelius - Value Contributor-agility and innovation
 
Sdlc1
Sdlc1Sdlc1
Sdlc1Jithin Kottikkal
 
Unit Iii
Unit IiiUnit Iii
Unit IiiRam Dutt Shukla
 
CMMI
CMMICMMI
CMMIFáber D. Giraldo
 
Management systems
Management systemsManagement systems
Management systemsmelynch
 
Lean six sigma demystified webinar
Lean six sigma demystified webinarLean six sigma demystified webinar
Lean six sigma demystified webinarILX Group
 
System Development Life Cycle Essay
System Development Life Cycle EssaySystem Development Life Cycle Essay
System Development Life Cycle EssayPamela Wright
 
ISO 9001 Quality Management Systems: Implementation and Integration
ISO 9001 Quality Management Systems: Implementation and IntegrationISO 9001 Quality Management Systems: Implementation and Integration
ISO 9001 Quality Management Systems: Implementation and IntegrationSpecialty Technical Publishers
 
Integrated Management Systems ASQ Silicon Valley section 0613 april 2017_gr c...
Integrated Management Systems ASQ Silicon Valley section 0613 april 2017_gr c...Integrated Management Systems ASQ Silicon Valley section 0613 april 2017_gr c...
Integrated Management Systems ASQ Silicon Valley section 0613 april 2017_gr c...Govind Ramu
 
Guide for Post-COVID Process & Service Redesign
Guide for Post-COVID Process & Service RedesignGuide for Post-COVID Process & Service Redesign
Guide for Post-COVID Process & Service RedesignMatthew Boyer
 
Standards For Wright Aircraft Corp
Standards For Wright Aircraft CorpStandards For Wright Aircraft Corp
Standards For Wright Aircraft CorpAntoinette Williams
 
Theory of Constraints To Improve Labor Productivity. Study Case In Santo Domi...
Theory of Constraints To Improve Labor Productivity. Study Case In Santo Domi...Theory of Constraints To Improve Labor Productivity. Study Case In Santo Domi...
Theory of Constraints To Improve Labor Productivity. Study Case In Santo Domi...CSCJournals
 
Achieving and Ensuring Business Process Acceptance for Systems and Software E...
Achieving and Ensuring Business Process Acceptance for Systems and Software E...Achieving and Ensuring Business Process Acceptance for Systems and Software E...
Achieving and Ensuring Business Process Acceptance for Systems and Software E...Dr. Mustafa Değerli
 
gray_audit_presentation.ppt
gray_audit_presentation.pptgray_audit_presentation.ppt
gray_audit_presentation.pptKhalilIdhman
 
Transactional Blackbelts are different
Transactional Blackbelts are differentTransactional Blackbelts are different
Transactional Blackbelts are differentreachab7
 
My Vision
My VisionMy Vision
My Visionmelynch
 
SDM Presentation V1.0
SDM Presentation V1.0SDM Presentation V1.0
SDM Presentation V1.0KirSinc
 
Software process & product quality
Software process & product qualitySoftware process & product quality
Software process & product qualityIAEME Publication
 
Gr 6 sdlc models
Gr 6 sdlc modelsGr 6 sdlc models
Gr 6 sdlc modelsuniversity of education,Lahore
 
What are policies procedures guidelines standards
What are policies procedures guidelines standardsWhat are policies procedures guidelines standards
What are policies procedures guidelines standardsManish Chaurasia
 
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...Ed Sattar
 
Quality management interview questions
Quality management interview questionsQuality management interview questions
Quality management interview questionsselinasimpson2301
 
standards1.pdf
standards1.pdfstandards1.pdf
standards1.pdfKarthick Panneerselvam
 
RTI System devolopment.ppt
RTI System devolopment.pptRTI System devolopment.ppt
RTI System devolopment.pptdyahsusilowati7
 
BIS2311Topic1
BIS2311Topic1BIS2311Topic1
BIS2311Topic1Middlesex University EIS
 
Making Smart Choices: Strategies for CMMI Adoption
Making Smart Choices: Strategies for CMMI AdoptionMaking Smart Choices: Strategies for CMMI Adoption
Making Smart Choices: Strategies for CMMI Adoptionrhefner
 
It service management towards a contingency theory of performance measurement...
It service management towards a contingency theory of performance measurement...It service management towards a contingency theory of performance measurement...
It service management towards a contingency theory of performance measurement...University of Southern Queensland
 
Safety T fire missions army field Artillery
Safety T fire missions army field ArtillerySafety T fire missions army field Artillery
Safety T fire missions army field ArtilleryKennethSwanberg
 
GENUINE Babe,Call Girls IN Baderpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Baderpur Delhi | +91-8377087607GENUINE Babe,Call Girls IN Baderpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Baderpur Delhi | +91-8377087607dollysharma2066
 

More Related Content

Similar to IT-POLICY-AND-PROCEDURES-1.0.EDU.part01.pdf

ISO 9001 Quality Management Systems: Implementation and Integration
ISO 9001 Quality Management Systems: Implementation and IntegrationISO 9001 Quality Management Systems: Implementation and Integration
ISO 9001 Quality Management Systems: Implementation and IntegrationSpecialty Technical Publishers
 
Integrated Management Systems ASQ Silicon Valley section 0613 april 2017_gr c...
Integrated Management Systems ASQ Silicon Valley section 0613 april 2017_gr c...Integrated Management Systems ASQ Silicon Valley section 0613 april 2017_gr c...
Integrated Management Systems ASQ Silicon Valley section 0613 april 2017_gr c...Govind Ramu
 
Guide for Post-COVID Process & Service Redesign
Guide for Post-COVID Process & Service RedesignGuide for Post-COVID Process & Service Redesign
Guide for Post-COVID Process & Service RedesignMatthew Boyer
 
Standards For Wright Aircraft Corp
Standards For Wright Aircraft CorpStandards For Wright Aircraft Corp
Standards For Wright Aircraft CorpAntoinette Williams
 
Theory of Constraints To Improve Labor Productivity. Study Case In Santo Domi...
Theory of Constraints To Improve Labor Productivity. Study Case In Santo Domi...Theory of Constraints To Improve Labor Productivity. Study Case In Santo Domi...
Theory of Constraints To Improve Labor Productivity. Study Case In Santo Domi...CSCJournals
 
Achieving and Ensuring Business Process Acceptance for Systems and Software E...
Achieving and Ensuring Business Process Acceptance for Systems and Software E...Achieving and Ensuring Business Process Acceptance for Systems and Software E...
Achieving and Ensuring Business Process Acceptance for Systems and Software E...Dr. Mustafa Değerli
 
gray_audit_presentation.ppt
gray_audit_presentation.pptgray_audit_presentation.ppt
gray_audit_presentation.pptKhalilIdhman
 
Transactional Blackbelts are different
Transactional Blackbelts are differentTransactional Blackbelts are different
Transactional Blackbelts are differentreachab7
 
My Vision
My VisionMy Vision
My Visionmelynch
 
SDM Presentation V1.0
SDM Presentation V1.0SDM Presentation V1.0
SDM Presentation V1.0KirSinc
 
Software process & product quality
Software process & product qualitySoftware process & product quality
Software process & product qualityIAEME Publication
 
What are policies procedures guidelines standards
What are policies procedures guidelines standardsWhat are policies procedures guidelines standards
What are policies procedures guidelines standardsManish Chaurasia
 
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...Ed Sattar
 
Quality management interview questions
Quality management interview questionsQuality management interview questions
Quality management interview questionsselinasimpson2301
 
RTI System devolopment.ppt
RTI System devolopment.pptRTI System devolopment.ppt
RTI System devolopment.pptdyahsusilowati7
 
Making Smart Choices: Strategies for CMMI Adoption
Making Smart Choices: Strategies for CMMI AdoptionMaking Smart Choices: Strategies for CMMI Adoption
Making Smart Choices: Strategies for CMMI Adoptionrhefner
 
It service management towards a contingency theory of performance measurement...
It service management towards a contingency theory of performance measurement...It service management towards a contingency theory of performance measurement...
It service management towards a contingency theory of performance measurement...University of Southern Queensland
 

Similar to IT-POLICY-AND-PROCEDURES-1.0.EDU.part01.pdf (20)

ISO 9001 Quality Management Systems: Implementation and Integration
ISO 9001 Quality Management Systems: Implementation and IntegrationISO 9001 Quality Management Systems: Implementation and Integration
ISO 9001 Quality Management Systems: Implementation and Integration
 
Integrated Management Systems ASQ Silicon Valley section 0613 april 2017_gr c...
Integrated Management Systems ASQ Silicon Valley section 0613 april 2017_gr c...Integrated Management Systems ASQ Silicon Valley section 0613 april 2017_gr c...
Integrated Management Systems ASQ Silicon Valley section 0613 april 2017_gr c...
 
Guide for Post-COVID Process & Service Redesign
Guide for Post-COVID Process & Service RedesignGuide for Post-COVID Process & Service Redesign
Guide for Post-COVID Process & Service Redesign
 
Standards For Wright Aircraft Corp
Standards For Wright Aircraft CorpStandards For Wright Aircraft Corp
Standards For Wright Aircraft Corp
 
Theory of Constraints To Improve Labor Productivity. Study Case In Santo Domi...
Theory of Constraints To Improve Labor Productivity. Study Case In Santo Domi...Theory of Constraints To Improve Labor Productivity. Study Case In Santo Domi...
Theory of Constraints To Improve Labor Productivity. Study Case In Santo Domi...
 
Achieving and Ensuring Business Process Acceptance for Systems and Software E...
Achieving and Ensuring Business Process Acceptance for Systems and Software E...Achieving and Ensuring Business Process Acceptance for Systems and Software E...
Achieving and Ensuring Business Process Acceptance for Systems and Software E...
 
gray_audit_presentation.ppt
gray_audit_presentation.pptgray_audit_presentation.ppt
gray_audit_presentation.ppt
 
Transactional Blackbelts are different
Transactional Blackbelts are differentTransactional Blackbelts are different
Transactional Blackbelts are different
 
My Vision
My VisionMy Vision
My Vision
 
SDM Presentation V1.0
SDM Presentation V1.0SDM Presentation V1.0
SDM Presentation V1.0
 
Software process & product quality
Software process & product qualitySoftware process & product quality
Software process & product quality
 
Gr 6 sdlc models
Gr 6 sdlc modelsGr 6 sdlc models
Gr 6 sdlc models
 
What are policies procedures guidelines standards
What are policies procedures guidelines standardsWhat are policies procedures guidelines standards
What are policies procedures guidelines standards
 
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
 
Quality management interview questions
Quality management interview questionsQuality management interview questions
Quality management interview questions
 
standards1.pdf
standards1.pdfstandards1.pdf
standards1.pdf
 
RTI System devolopment.ppt
RTI System devolopment.pptRTI System devolopment.ppt
RTI System devolopment.ppt
 
BIS2311Topic1
BIS2311Topic1BIS2311Topic1
BIS2311Topic1
 
Making Smart Choices: Strategies for CMMI Adoption
Making Smart Choices: Strategies for CMMI AdoptionMaking Smart Choices: Strategies for CMMI Adoption
Making Smart Choices: Strategies for CMMI Adoption
 
It service management towards a contingency theory of performance measurement...
It service management towards a contingency theory of performance measurement...It service management towards a contingency theory of performance measurement...
It service management towards a contingency theory of performance measurement...
 

Recently uploaded

Safety T fire missions army field Artillery
Safety T fire missions army field ArtillerySafety T fire missions army field Artillery
Safety T fire missions army field ArtilleryKennethSwanberg
 
GENUINE Babe,Call Girls IN Baderpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Baderpur Delhi | +91-8377087607GENUINE Babe,Call Girls IN Baderpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Baderpur Delhi | +91-8377087607dollysharma2066
 
Reviewing and summarization of university ranking system to.pptx
Reviewing and summarization of university ranking system to.pptxReviewing and summarization of university ranking system to.pptx
Reviewing and summarization of university ranking system to.pptxAss.Prof. Dr. Mogeeb Mosleh
 
internal analysis on strategic management
internal analysis on strategic managementinternal analysis on strategic management
internal analysis on strategic managementharfimakarim
 
Strategic Management, Vision Mission, Internal Analsysis
Strategic Management, Vision Mission, Internal AnalsysisStrategic Management, Vision Mission, Internal Analsysis
Strategic Management, Vision Mission, Internal Analsysistanmayarora45
 
Day 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampDay 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampPLCLeadershipDevelop
 
Agile Coaching Change Management Framework.pptx
Agile Coaching Change Management Framework.pptxAgile Coaching Change Management Framework.pptx
Agile Coaching Change Management Framework.pptxalinstan901
 
International Ocean Transportation p.pdf
International Ocean Transportation p.pdfInternational Ocean Transportation p.pdf
International Ocean Transportation p.pdfAlejandromexEspino
 
BDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
Beyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable developmentBeyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable developmentNimot Muili
 
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...Pooja Nehwal
 
Dealing with Poor Performance - get the full picture from 3C Performance Mana...
Dealing with Poor Performance - get the full picture from 3C Performance Mana...Dealing with Poor Performance - get the full picture from 3C Performance Mana...
Dealing with Poor Performance - get the full picture from 3C Performance Mana...Hedda Bird
 
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...Pooja Nehwal
 

Recently uploaded (15)

Safety T fire missions army field Artillery
Safety T fire missions army field ArtillerySafety T fire missions army field Artillery
Safety T fire missions army field Artillery
 
GENUINE Babe,Call Girls IN Baderpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Baderpur Delhi | +91-8377087607GENUINE Babe,Call Girls IN Baderpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Baderpur Delhi | +91-8377087607
 
Reviewing and summarization of university ranking system to.pptx
Reviewing and summarization of university ranking system to.pptxReviewing and summarization of university ranking system to.pptx
Reviewing and summarization of university ranking system to.pptx
 
internal analysis on strategic management
internal analysis on strategic managementinternal analysis on strategic management
internal analysis on strategic management
 
Strategic Management, Vision Mission, Internal Analsysis
Strategic Management, Vision Mission, Internal AnalsysisStrategic Management, Vision Mission, Internal Analsysis
Strategic Management, Vision Mission, Internal Analsysis
 
Intro_University_Ranking_Introduction.pptx
Intro_University_Ranking_Introduction.pptxIntro_University_Ranking_Introduction.pptx
Intro_University_Ranking_Introduction.pptx
 
Day 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampDay 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC Bootcamp
 
Agile Coaching Change Management Framework.pptx
Agile Coaching Change Management Framework.pptxAgile Coaching Change Management Framework.pptx
Agile Coaching Change Management Framework.pptx
 
International Ocean Transportation p.pdf
International Ocean Transportation p.pdfInternational Ocean Transportation p.pdf
International Ocean Transportation p.pdf
 
Abortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
Abortion pills in Jeddah |• +966572737505 ] GET CYTOTECAbortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
Abortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
 
BDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 99 Noida Escorts >༒8448380779 Escort Service
 
Beyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable developmentBeyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable development
 
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
 
Dealing with Poor Performance - get the full picture from 3C Performance Mana...
Dealing with Poor Performance - get the full picture from 3C Performance Mana...Dealing with Poor Performance - get the full picture from 3C Performance Mana...
Dealing with Poor Performance - get the full picture from 3C Performance Mana...
 
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...
 

IT-POLICY-AND-PROCEDURES-1.0.EDU.part01.pdf

  • 3. E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) WHAT ARE IT POLICY, PROCESS AND PROCEDURE Policies and procedures are critical governance tools in every enterprise. Where policies dictate the rules, procedures explain how these same rules are practically applied in real life. Taken as a collective, policies and procedures set expectations for behaviors and activities, as well as provide mechanisms to enforce these expectations. [INFOTECH] IT policies help organizations to properly articulate the organization’s desired behavior, mitigate risk and contribute to achieving the organization’s goals. [ISACA] POLICY: The set of basic principles and associated guidelines, formulated and enforced by the governing body of an organization, to direct and limit its actions in pursuit of long-term goals. PROCESS: Sequence of interdependent and linked procedures which, at every stage, consume one or more resources (employee time, energy, machines, money) to convert inputs (data, material, parts, etc.) into outputs. These outputs then serve as inputs for the next stage until a known goal or end result is reached. PROCEDURE: A fixed, step-by-step sequence of activities or course of action (with definite start and end points) that must be followed in the same order to correctly perform a task. Repetitive procedures are called routines. Businessdictionary.com
  • 4. E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) WHAT ARE IT POLICY, PROCESS AND PROCEDURE RECORDS All should be implemented and documented (auditable, traceable)
  • 6. E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) WHY WE NEED THEM Each service needs to have policies and procedures to help them guide the actions of all individuals involved in the service. INTERNAL CONTROL • Compliance • Operational Needs • Managing Risks • Continuous Improvement Standardized process → Managed process
  • 7. E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) WHY WE NEED THEM Related to Quality Management System (QMS) Functions-and-Processes-in-IT-Management-article-ITSM-Global-Best-Practice-Vol-1-2008
  • 8. E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) WHY WE NEED THEM Functions-and-Processes-in-IT-Management-article-ITSM-Global-Best-Practice-Vol-1-2008 Value to organization!
  • 10. E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) COMMON CHARACTERISTICS GOOD POLICIES  Policies are written in clear, concise, simple language.  Policy statements address what is the rule rather than how to implement the rule.  Designated “policy experts” (identified by title in each document) are readily available to interpret policies and resolve problems.  Policies represent a consistent, logical framework for operations.  Outcomes are clearly stated.  Assumptions are clear and explicit.  There is linkage to organisational direction.  Due process in the development stage has been observed.  Stakeholders have been included in the development.  Public interest has been given a high priority.  Organisational expectations have been met.  The policy is likely to be both efficient and effective.  Outcomes are stated in measurable terms.  There is a capacity to evaluate outcomes.  It has been appropriately funded and resource.  There is clear accountability.  It follows all appropriate laws.  It is enforceable.  It is historically informed.  Ideas have been tested prior to implementation. Article Source: http://EzineArticles.com/5562525
  • 11. E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) COMMON CHARACTERISTICS GOOD PROCEDURES  Procedures are tied to policies. Making explicit this relationship along with how the procedure helps the organization achieve its goals.  Procedures are developed with the customer/user in mind. Well developed and thought out procedures provide benefits to the procedure user.  There needs to be a sense of ownership among procedure users. For this reason, it helps to involve users in the development of campus procedures.  The procedures are understandable. Procedures should be written so that what needs to be done can be easily followed by all users. • Prosedur menunjang tercapainya hasil proses tujuan organisasi. • Memiliki standar hasil yang diharapkan secara terukur. • Terdapat PIC yang jelas pada tiap activities, dan sesuai RACI/RASCI yang ditetapkan. • Prosedur mampu menciptakan adanya pengawasan yang baik dan menggunakan biaya yang seoptimal mungkin. • Prosedur menunjukan urutan- urutan yang logis dan sederhana. Ada “start” s/d “finish” • Prosedur menunjukan adanya penetapan keputusan/hasil dan tanggung jawab.
  • 12. E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) COMMON COMPONENTS POLICY:  Appointment of individuals who have the authority to approve policies and their associated responsibilities  Determination of the consequences for failing to comply with given policies  Definition of a process for handling exceptions to policies  Definition of a method for measuring and monitoring compliance with policies  Definition of the scope of the policy and the group of stakeholders that has to follow the policy [ISACA] (RACI/RASCI matrix)
  • 13. E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) COMMON COMPONENTS Komponen Pendukung Prosedur:  Halaman judul. Ini meliputi 1) judul prosedur, 2) nomor identifikasi SOP, 3) tanggal diterbitkan atau revisi, 4) nama badan/divisi/cabang di mana SOP diterapkan, dan 5) tanda tangan mereka yang menyiapkan dan menyetujui SOP tersebut. Bagian ini dapat menggunakan format apa saja, selama informasi yang disampaikan jelas.  Daftar Isi. Ini hanya perlu jika SOP Anda cukup panjang, untuk memudahkan referensi. Yang akan Anda temukan di sini adalah kerangka standar sederhana.  Jaminan Kualitas/Kontrol Kualitas. Sebuah prosedur bukanlah prosedur yang baik jika tidak dapat diperiksa. Siapkan materi dan detail yang diperlukan sehingga pembaca dapat memastikan mereka memperoleh hasil yang diinginkan. Materi ini dapat meliputi dokumen-dokumen lain, misalnya seperti sampel evaluasi kinerja.  Referensi. Pastikan untuk menuliskan seluruh referensi yang digunakan atau yang penting. Jika Anda menggunakan referensi SOP lain, pastikan untuk melampirkan informasi yang diperlukan dalam lampiran.
  • 14. E D W A R D M U N I R , C I S A C D C P I T I L F (edward.munir@gmail.com) COMMON COMPONENTS Komponen utama Prosedur:  Cakupan dan penerapan. Dengan kata lain, menggambarkan tujuan proses, batasan-batasannya, serta bagaimana proses ini digunakan. Meliputi standar, persyaratan regulasi, peran dan tanggung jawab, serta input dan output.  Metodologi dan prosedur. Inti permasalahannya -- buat daftar langkah-langkah dengan detail yang penting, termasuk perlengkapan yang diperlukan dan sesuai RACI/RASCI matrix. Cantumkan pula prosedur-prosedur yang berurutan serta faktor-faktor penentu keputusan. Kemukakan "pengandaian" dan kemungkinan adanya gangguan atau pertimbangan keselamatan.  Klarifikasi terminologi dan pengertian diagram. Jelaskan akronim, singkatan, dan seluruh frasa yang bukan merupakan istilah umum.  Peringatan kesehatan dan keselamatan. Untuk dituliskan dalam bagian terpisah dan bersama dengan langkah-langkah saat terjadi masalah. Jangan melewatkan bagian ini.  Perlengkapan dan persediaan yang digunakan. Daftar lengkap hal-hal yang dibutuhkan dan kapan serta di mana dapat menemukan perlengkapan, standar perlengkapan, dll.  Peringatan dan gangguan. Pada dasarnya, bagian troubleshooting. Cantumkan kemungkinan masalah yang dapat terjadi, apa yang harus diwaspadai, dan apa yang dapat mempengaruhi produk akhir yang ideal. Beri masing-masing topik ini bagiannya sendiri (umumnya dinyatakan dengan angka atau huruf) agar SOP Anda tidak mengandung kalimat-kalimat panjang yang membingungkan dan untuk memudahkan referensi. Ini bukanlah daftar lengkap, melainkan baru sebagian kecil langkah-langkah prosedural. Organisasi Anda dapat menyebutkan aspek-aspek lain yang membutuhkan perhatian.