Acceptable Use Policy Making
•Download as PPTX, PDF•
1 like•65 views
This document outlines the process for developing an Acceptable Use Policy (AUP) for organizational IT resources. It discusses establishing ownership over resources but notes a blurring between professional and personal use. An AUP defines what is and is not acceptable use, including setting guidelines, restrictions, and consequences. The development process involves initiating a structure, researching current resource use, drafting the policy, obtaining feedback, approval, communication, implementation, monitoring, and revision. It aims to protect the organization while balancing user privacy.
Report
Share
Report
Share
Recommended
Acceptable Use Policy Making
This document discusses the process of developing an Acceptable Use Policy (AUP) for organizational IT resources. It explains that AUPs aim to define what use of resources is acceptable versus not, as the lines have blurred with BYOD and personal use of work devices. The development process involves establishing a team, researching current resource use, drafting the policy content covering purposes and restrictions, circulating the draft for feedback, approval, communication, implementation with monitoring, and periodic review/revision. An AUP is important to ensure compliance by outlining appropriate and inappropriate uses of computers, networks and systems.
F flack ands_ttt2_perth_phrn_17 may 2018_v1.0
PHRN - population health research network - presented by Dr Felicity Flack at the Accelerate your Data training event in Perth 17 May 2018
VT School Safety Conference 2013 Keynote
This document discusses improving school safety through collaboration, conducting hazard and vulnerability assessments, leveraging technology, establishing policies and procedures, and designating a chief safety officer for leadership. It emphasizes creating a multidisciplinary approach involving administrators, teachers, students, police, parents and others. Areas of focus include emergency management, threat assessment, substance abuse prevention, and security technology.
Joining the UK Access Management Federation
Presentation at the JISC Access Management Transition Programme Meeting from Simon Cooper, UKERNA. This presentation describes the process for joining the UK Access Management Federation
HITECH Health IT Legislation: Opportunities for the DMAA Community
The document discusses opportunities for the disease management community in light of recent health IT legislation. It outlines how disease management can embrace interoperability to become leaders rather than laggards. The legislation provides billions in incentives to adopt electronic health records and demonstrate meaningful use. This creates opportunities for disease management to participate through care coordination and use of clinical groupware platforms.
Saachi Neki Resume
Saachi Neki has extensive experience in information technology and cyber security through her education at the University of Cincinnati and work experience at Johnson & Johnson. She is expected to graduate from UC in August 2018 with a Bachelor of Science in Information Technology with a focus on cyber security and a 4.0 GPA Master of Business Administration. Her relevant coursework includes networking, programming, system administration, database management, computer forensics, and network security. Through two internships at Johnson & Johnson, she conducted research on product documentation, developed a medical device penetration testing methodology, and created databases and documentation for projects. She is involved in several student organizations at UC focused on information technology, leadership, and community service.
BioSense 2.0
The document discusses BioSense 2.0, a redesigned public health surveillance system that aims to create a community-controlled and shared environment. BioSense 2.0 will use cloud technology to allow states and local health departments to access computing resources and share surveillance data in a distributed network. This will save costs while increasing capabilities. The redesign also aims to support nationwide and regional situation awareness for all health threats.
Verboice tool for community participation
This document discusses opportunities for citizen participation in Cambodia through the Verboice voice platform. It notes that there are nearly 21 million mobile phone subscribers and over 5.8 million internet subscriptions in Cambodia, demonstrating access to technology. Verboice could enable data collection and program assessment using voice calls to overcome literacy and language barriers. Examples of potential uses include infectious disease information hotlines, factory worker feedback lines, and mHealth interventions for health programs.
Recommended
Acceptable Use Policy Making
This document discusses the process of developing an Acceptable Use Policy (AUP) for organizational IT resources. It explains that AUPs aim to define what use of resources is acceptable versus not, as the lines have blurred with BYOD and personal use of work devices. The development process involves establishing a team, researching current resource use, drafting the policy content covering purposes and restrictions, circulating the draft for feedback, approval, communication, implementation with monitoring, and periodic review/revision. An AUP is important to ensure compliance by outlining appropriate and inappropriate uses of computers, networks and systems.
F flack ands_ttt2_perth_phrn_17 may 2018_v1.0
PHRN - population health research network - presented by Dr Felicity Flack at the Accelerate your Data training event in Perth 17 May 2018
VT School Safety Conference 2013 Keynote
This document discusses improving school safety through collaboration, conducting hazard and vulnerability assessments, leveraging technology, establishing policies and procedures, and designating a chief safety officer for leadership. It emphasizes creating a multidisciplinary approach involving administrators, teachers, students, police, parents and others. Areas of focus include emergency management, threat assessment, substance abuse prevention, and security technology.
Joining the UK Access Management Federation
Presentation at the JISC Access Management Transition Programme Meeting from Simon Cooper, UKERNA. This presentation describes the process for joining the UK Access Management Federation
HITECH Health IT Legislation: Opportunities for the DMAA Community
The document discusses opportunities for the disease management community in light of recent health IT legislation. It outlines how disease management can embrace interoperability to become leaders rather than laggards. The legislation provides billions in incentives to adopt electronic health records and demonstrate meaningful use. This creates opportunities for disease management to participate through care coordination and use of clinical groupware platforms.
Saachi Neki Resume
Saachi Neki has extensive experience in information technology and cyber security through her education at the University of Cincinnati and work experience at Johnson & Johnson. She is expected to graduate from UC in August 2018 with a Bachelor of Science in Information Technology with a focus on cyber security and a 4.0 GPA Master of Business Administration. Her relevant coursework includes networking, programming, system administration, database management, computer forensics, and network security. Through two internships at Johnson & Johnson, she conducted research on product documentation, developed a medical device penetration testing methodology, and created databases and documentation for projects. She is involved in several student organizations at UC focused on information technology, leadership, and community service.
BioSense 2.0
The document discusses BioSense 2.0, a redesigned public health surveillance system that aims to create a community-controlled and shared environment. BioSense 2.0 will use cloud technology to allow states and local health departments to access computing resources and share surveillance data in a distributed network. This will save costs while increasing capabilities. The redesign also aims to support nationwide and regional situation awareness for all health threats.
Verboice tool for community participation
This document discusses opportunities for citizen participation in Cambodia through the Verboice voice platform. It notes that there are nearly 21 million mobile phone subscribers and over 5.8 million internet subscriptions in Cambodia, demonstrating access to technology. Verboice could enable data collection and program assessment using voice calls to overcome literacy and language barriers. Examples of potential uses include infectious disease information hotlines, factory worker feedback lines, and mHealth interventions for health programs.
RegEd Social Media Basics Webinar Series - the social media policy
The document discusses best practices for developing a social media policy. It recommends that a policy (1) define who is authorized to use social media on behalf of the company and which platforms are acceptable, (2) include governance and ethics guidelines as well as approved technologies and processes for ongoing management, and (3) require signed affirmations and describe mitigation strategies. The document also notes that a social media policy is both a business plan and governance document that should not be too restrictive and must comply with relevant regulations.
20110310 ARMA Northern CO Strategies and Policies for Social Media
This presentation delivered on March 10, 2011 described how to develop a social media policy, the elements and policy statements to include in a comprehensive policy, and other considerations for managing social media.
Some Proposed Principles for Interoperating Cloud Based Data Platforms
This is a talk that I gave on October 3, 2019 at RENCI at the NIH Workshop on Cloud-Based Platforms Interoperability.
Extending Access Management into BCE - Scoping Study
Key findings and recommendations from the 'Extending Access Management into BCE - Scoping Study'. Oakleigh Consulting Group
EHR Certification for Medical Practices
The document summarizes the recommendations of a workgroup on certification requirements for electronic health records. The workgroup recommended that certification focus on meeting meaningful use objectives. It also recommended improving transparency and objectivity in the certification process, expanding certification to different types of software, and developing a transition plan to address certification for 2011 stimulus funds. The recommendations aim to leverage certification to advance security, privacy, and interoperability while reducing barriers for vendors.
Develop project pia+ risk identification
An overview of potential privacy, legal and ethical risks for the Privacy Impact Assessment (PIA+) of the DEVELOP project’s career development tool, based on the initial user requirements.
To meet the requirements for lab 10 you were to perform Part 1, S
To meet the requirements for lab 10 you were to perform: Part 1, Step 2: evaluate the policy document against the summarized NIST best practices, identify by number which, if any, of the eight best practices the policy satisfies, and for each practice that you identify, provide a reference to the statement in the policy that aligns with that best practice; Part 1 Step 3: suggest how you would revise the policy to directly align with the standards and provide specific statements that you would add/modify in the policy; Part 1, Step 4: describe whether the policy document is best titled as a policy or whether it would be better described using another element of the policy framework. Part 2, Step 3: describe the process that the Center uses to ensure that its standards represent the consensus of the cybersecurity community; Part 2, Step 5: identify the section of the recommendations that achieves this goal; Part 2, Step 7: for each of the five best practices in the previous step, classify the practice as: satisfied (indicate recommendation number that achieves the best practice), violated (indicate recommendation number that violates the best practice) or not addressed.
Unfortunately it looks like you were off target for this assignment; you needed to:
Part 1, Step 2: identify by number the best practices (given in the lab) that are satisfied by the policy - partial credit given;
Part 1 Step 3: provide specific statements on how you would revise the policy; you needed to align your statements with the best practices (e.g. Best Practice 2: add to Section 4.2) - partial credit given;
Part 1, Step 4: describe whether the policy document is best titled as a policy or whether it would be better described using another element of the policy framework; this "policy" is better described as a standard (see technical implementation details);
Part 2, Step 3: describe the process that the Center uses to ensure its standards represent the consensus of the cybersecurity community; see the Consensus Guidance portion of the document - partial credit given;
Part 2, Step 5: identify the section of the recommendations that achieves the goal of Step 3 - partial credit given;
Part 2, Step 7: classify the five best practices; indicate the recommendation number for each - partial credit given.
Applying the Security Policy Framework to an Access Control Environment (3e)
Access Control and Identity Management, Third Edition - Lab 10
Student: Email:
HARSHAVARDHAN POCHARAM [email protected]
Time on Task: Progress:
100%
Report Generated: Sunday, June 20, 2021 at 9:45 AM
Guided Exercises
Part 1: Evaluate a Security Policy
2. Evaluate the policy document against the NIST best practices summarized above. Identify by
number which, if any, of the eight best practices the policy satisfies. For each practice that you
identify, provide a reference to the statement in the policy that aligns with that best practice.
In line with relevant policy, the information s ...
Licensing health data to enable reuse
1) A data licence sets out how data can be reused and attributed. It is recommended that all data intended for reuse have a licence, whether open or restrictive, to promote safe and proper reuse.
2) The Creative Commons suite of licences are commonly used with 6 options ranging from most open to most restrictive. The CC BY licence allows for reuse and redistribution with attribution.
3) Applying a clear licence to data promotes safe data sharing and prevents unintended misuse by clarifying how others can access and use the data.
Ten Elements of Open Source Governance
OpenLogic and Olliance Group prepared these slides discussing ten elements that are essential to creating and maintaining an effective enterprise open source governance program.
Topics covered include:
- Defining and implementing open source policies
- Securing organizational support
- Taking inventory of open source usage
- Managing open source usage requests and approvals
- Auditing and reporting to ensure ongoing compliance
Building Digital Trust
: The role of data ethics in the digital age
Data is the biggest risk that is unaccounted for by businesses today. In the past, the scope for digital risk was limited to cybersecurity threats but leading organizations must now also recognize risks from lackluster ethical data practices. Mitigating these internal threats is critical for every player in the digital economy, and cannot be addressed with strong cybersecurity alone.
Harrisburg UniversityISEM 547 IT PolicyOb.docx
This document discusses IT policies, procedures, guidelines, and standards. It defines each term and explains that policies establish principles and rules to govern organizational actions, while procedures provide specific instructions to implement policies. Guidelines are recommended best practices, while standards provide a basis for comparison. The document notes that written policies and procedures help ensure consistency, manage risk, and prove due diligence. It provides tips for writing good policies and procedures, including making them clear, specific, enforceable, and flexible. The document also discusses when a procedure is needed to support a policy.
Provider Directory Task Force 01-04-11
The Information Exchange Workgroup will make recommendations to the HIT Policy Committee on policies, guidance governance, sustainability, architectural, and implementation approaches to enable the exchange of health information and increase capacity for health information exchange over time.
File000169
- Organizations need to implement effective data leakage prevention strategies like data security policies, auditing processes, access control, and encryption to protect their data from internal threats.
- Security policies help define acceptable usage of systems and data, as well as procedures for access control, backups, system administration and more. Logging policies should define which security-relevant events are logged for purposes like intrusion detection and reconstructing incidents.
- Evidence collection and documentation policies are important for responding to security incidents and preserving electronic evidence for analysis or legal proceedings. Information security policies aim to ensure the confidentiality, integrity and availability of organizational data.
PACE-IT: Security Policies and Other Documents
CompTIA exam study guide presentations by instructor Brian Ferrill, PACE-IT (Progressive, Accelerated Certifications for Employment in Information Technology)
"Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53"
Learn more about the PACE-IT Online program: www.edcc.edu/pace-it
Extending Access Management
to Business & Community Engagement
- John Paschoud
The document discusses extending universities' access management systems to accommodate business and community engagement activities. It presents case studies of widening participation schemes and workplace learning programs. Current issues include policies not designed for these relationships and workarounds like pseudo-students. The document proposes a workshop manual to help universities identify activities, review licenses and policies, and establish processes to properly integrate business and community participants into access management.
EHR Certification Requirements For Medical Practices
The document summarizes recommendations from a workgroup on certifying electronic health records (EHRs). The workgroup recommended that EHR certification focus on meeting meaningful use objectives. It also recommended improving transparency and objectivity in the certification process. Additionally, certification should be expanded to include a wider range of EHR sources like open source systems. Finally, the document outlines next steps like refining the recommendations based on public comments.
CCPA Compliance from Ground Zero: Start to Finish with TrustArc Solutions
CCPA is in full effect and - as of July 1, 2020 - is being fully enforced. The “wait and see” game is officially over and organizations must be fully compliant in order to avoid regulatory fines and negative publicity. There are many requirements set forth by the CCPA, and building a strong compliance plan can be daunting. Not only does the compliance plan need to be set-up for future growth and changes, but it also needs the flexibility to produce on-demand, customized reports to provide to stakeholders.
TrustArc has helped organizations of all sizes and maturity with CCPA compliance from simple assessments to full automation. Investing time upfront to perform the proper analysis and planning is key to feeling confident that your CCPA compliance program will efficiently and effectively mitigate risk while meeting business objectives.
Join this webinar to see how TrustArc CCPA solutions help organizations of all sizes and maturity achieve and maintain compliance.
This webinar will review:
-Stages of CCPA program maturity
-TrustArc CCPA solutions for every stage of compliance
SharePoint Saturday Redmond - Don't Be Afraid of the "G" Word
The document provides an overview of a business analyst's experience and interests. It then discusses the importance of governance for successful SharePoint deployments and treats governance as a living process. Finally, it outlines a framework for measuring governance maturity across different categories like foundation, administration, communication, and adoption.
Preparing an Effective BYOD or Mobility Strategy
Preparing an Effective BYOD or Mobility Strategy outlines a 5-step process for developing a BYOD strategy:
1. Develop a business case by calculating the costs and savings of a BYOD program.
2. Segment the workforce based on work styles and common use cases.
3. Map workforce segments to planned service offerings like laptops, VDI, or mobile devices.
4. Define BYOD policies around minimum device standards, entitlements, and rules of use.
5. Design a new support model where IT supports applications and OS, while users support hardware.
Social networking and compliance 05 13-10 final
Presentation from May 13, 2010 webinar, hosted by NRS, on Social Networking: Compliance Challanges for AIs and BDs. Presented by
Introduction to Machine Learning
Introduction to Machine Learning
Association Analysis
Supervised (inductive) learning
Training data includes desired outputs
Classification
Regression/Prediction
Unsupervised learning
Training data does not include desired outputs
Semi-supervised learning
Training data includes a few desired outputs
Reinforcement learning
Rewards from sequence of actions
Time Series Analysis and Forecasting in Practice
This document discusses time series analysis and forecasting. It covers the components of time series including trends, seasonality, cyclical patterns and irregular components. It then describes several approaches to forecasting including qualitative judgmental methods, statistical time series models and explanatory causal models. Specific statistical time series forecasting techniques are explained such as simple and exponential smoothing, linear regression models, and Holt-Winters seasonal models. The importance of evaluating forecast accuracy is also highlighted.
More Related Content
Similar to Acceptable Use Policy Making
RegEd Social Media Basics Webinar Series - the social media policy
The document discusses best practices for developing a social media policy. It recommends that a policy (1) define who is authorized to use social media on behalf of the company and which platforms are acceptable, (2) include governance and ethics guidelines as well as approved technologies and processes for ongoing management, and (3) require signed affirmations and describe mitigation strategies. The document also notes that a social media policy is both a business plan and governance document that should not be too restrictive and must comply with relevant regulations.
20110310 ARMA Northern CO Strategies and Policies for Social Media
This presentation delivered on March 10, 2011 described how to develop a social media policy, the elements and policy statements to include in a comprehensive policy, and other considerations for managing social media.
Some Proposed Principles for Interoperating Cloud Based Data Platforms
This is a talk that I gave on October 3, 2019 at RENCI at the NIH Workshop on Cloud-Based Platforms Interoperability.
Extending Access Management into BCE - Scoping Study
Key findings and recommendations from the 'Extending Access Management into BCE - Scoping Study'. Oakleigh Consulting Group
EHR Certification for Medical Practices
The document summarizes the recommendations of a workgroup on certification requirements for electronic health records. The workgroup recommended that certification focus on meeting meaningful use objectives. It also recommended improving transparency and objectivity in the certification process, expanding certification to different types of software, and developing a transition plan to address certification for 2011 stimulus funds. The recommendations aim to leverage certification to advance security, privacy, and interoperability while reducing barriers for vendors.
Develop project pia+ risk identification
An overview of potential privacy, legal and ethical risks for the Privacy Impact Assessment (PIA+) of the DEVELOP project’s career development tool, based on the initial user requirements.
To meet the requirements for lab 10 you were to perform Part 1, S
To meet the requirements for lab 10 you were to perform: Part 1, Step 2: evaluate the policy document against the summarized NIST best practices, identify by number which, if any, of the eight best practices the policy satisfies, and for each practice that you identify, provide a reference to the statement in the policy that aligns with that best practice; Part 1 Step 3: suggest how you would revise the policy to directly align with the standards and provide specific statements that you would add/modify in the policy; Part 1, Step 4: describe whether the policy document is best titled as a policy or whether it would be better described using another element of the policy framework. Part 2, Step 3: describe the process that the Center uses to ensure that its standards represent the consensus of the cybersecurity community; Part 2, Step 5: identify the section of the recommendations that achieves this goal; Part 2, Step 7: for each of the five best practices in the previous step, classify the practice as: satisfied (indicate recommendation number that achieves the best practice), violated (indicate recommendation number that violates the best practice) or not addressed.
Unfortunately it looks like you were off target for this assignment; you needed to:
Part 1, Step 2: identify by number the best practices (given in the lab) that are satisfied by the policy - partial credit given;
Part 1 Step 3: provide specific statements on how you would revise the policy; you needed to align your statements with the best practices (e.g. Best Practice 2: add to Section 4.2) - partial credit given;
Part 1, Step 4: describe whether the policy document is best titled as a policy or whether it would be better described using another element of the policy framework; this "policy" is better described as a standard (see technical implementation details);
Part 2, Step 3: describe the process that the Center uses to ensure its standards represent the consensus of the cybersecurity community; see the Consensus Guidance portion of the document - partial credit given;
Part 2, Step 5: identify the section of the recommendations that achieves the goal of Step 3 - partial credit given;
Part 2, Step 7: classify the five best practices; indicate the recommendation number for each - partial credit given.
Applying the Security Policy Framework to an Access Control Environment (3e)
Access Control and Identity Management, Third Edition - Lab 10
Student: Email:
HARSHAVARDHAN POCHARAM [email protected]
Time on Task: Progress:
100%
Report Generated: Sunday, June 20, 2021 at 9:45 AM
Guided Exercises
Part 1: Evaluate a Security Policy
2. Evaluate the policy document against the NIST best practices summarized above. Identify by
number which, if any, of the eight best practices the policy satisfies. For each practice that you
identify, provide a reference to the statement in the policy that aligns with that best practice.
In line with relevant policy, the information s ...
Licensing health data to enable reuse
1) A data licence sets out how data can be reused and attributed. It is recommended that all data intended for reuse have a licence, whether open or restrictive, to promote safe and proper reuse.
2) The Creative Commons suite of licences are commonly used with 6 options ranging from most open to most restrictive. The CC BY licence allows for reuse and redistribution with attribution.
3) Applying a clear licence to data promotes safe data sharing and prevents unintended misuse by clarifying how others can access and use the data.
Ten Elements of Open Source Governance
OpenLogic and Olliance Group prepared these slides discussing ten elements that are essential to creating and maintaining an effective enterprise open source governance program.
Topics covered include:
- Defining and implementing open source policies
- Securing organizational support
- Taking inventory of open source usage
- Managing open source usage requests and approvals
- Auditing and reporting to ensure ongoing compliance
Building Digital Trust
: The role of data ethics in the digital age
Data is the biggest risk that is unaccounted for by businesses today. In the past, the scope for digital risk was limited to cybersecurity threats but leading organizations must now also recognize risks from lackluster ethical data practices. Mitigating these internal threats is critical for every player in the digital economy, and cannot be addressed with strong cybersecurity alone.
Harrisburg UniversityISEM 547 IT PolicyOb.docx
This document discusses IT policies, procedures, guidelines, and standards. It defines each term and explains that policies establish principles and rules to govern organizational actions, while procedures provide specific instructions to implement policies. Guidelines are recommended best practices, while standards provide a basis for comparison. The document notes that written policies and procedures help ensure consistency, manage risk, and prove due diligence. It provides tips for writing good policies and procedures, including making them clear, specific, enforceable, and flexible. The document also discusses when a procedure is needed to support a policy.
Provider Directory Task Force 01-04-11
The Information Exchange Workgroup will make recommendations to the HIT Policy Committee on policies, guidance governance, sustainability, architectural, and implementation approaches to enable the exchange of health information and increase capacity for health information exchange over time.
File000169
- Organizations need to implement effective data leakage prevention strategies like data security policies, auditing processes, access control, and encryption to protect their data from internal threats.
- Security policies help define acceptable usage of systems and data, as well as procedures for access control, backups, system administration and more. Logging policies should define which security-relevant events are logged for purposes like intrusion detection and reconstructing incidents.
- Evidence collection and documentation policies are important for responding to security incidents and preserving electronic evidence for analysis or legal proceedings. Information security policies aim to ensure the confidentiality, integrity and availability of organizational data.
PACE-IT: Security Policies and Other Documents
CompTIA exam study guide presentations by instructor Brian Ferrill, PACE-IT (Progressive, Accelerated Certifications for Employment in Information Technology)
"Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53"
Learn more about the PACE-IT Online program: www.edcc.edu/pace-it
Extending Access Management
to Business & Community Engagement
- John Paschoud
The document discusses extending universities' access management systems to accommodate business and community engagement activities. It presents case studies of widening participation schemes and workplace learning programs. Current issues include policies not designed for these relationships and workarounds like pseudo-students. The document proposes a workshop manual to help universities identify activities, review licenses and policies, and establish processes to properly integrate business and community participants into access management.
EHR Certification Requirements For Medical Practices
The document summarizes recommendations from a workgroup on certifying electronic health records (EHRs). The workgroup recommended that EHR certification focus on meeting meaningful use objectives. It also recommended improving transparency and objectivity in the certification process. Additionally, certification should be expanded to include a wider range of EHR sources like open source systems. Finally, the document outlines next steps like refining the recommendations based on public comments.
CCPA Compliance from Ground Zero: Start to Finish with TrustArc Solutions
CCPA is in full effect and - as of July 1, 2020 - is being fully enforced. The “wait and see” game is officially over and organizations must be fully compliant in order to avoid regulatory fines and negative publicity. There are many requirements set forth by the CCPA, and building a strong compliance plan can be daunting. Not only does the compliance plan need to be set-up for future growth and changes, but it also needs the flexibility to produce on-demand, customized reports to provide to stakeholders.
TrustArc has helped organizations of all sizes and maturity with CCPA compliance from simple assessments to full automation. Investing time upfront to perform the proper analysis and planning is key to feeling confident that your CCPA compliance program will efficiently and effectively mitigate risk while meeting business objectives.
Join this webinar to see how TrustArc CCPA solutions help organizations of all sizes and maturity achieve and maintain compliance.
This webinar will review:
-Stages of CCPA program maturity
-TrustArc CCPA solutions for every stage of compliance
SharePoint Saturday Redmond - Don't Be Afraid of the "G" Word
The document provides an overview of a business analyst's experience and interests. It then discusses the importance of governance for successful SharePoint deployments and treats governance as a living process. Finally, it outlines a framework for measuring governance maturity across different categories like foundation, administration, communication, and adoption.
Preparing an Effective BYOD or Mobility Strategy
Preparing an Effective BYOD or Mobility Strategy outlines a 5-step process for developing a BYOD strategy:
1. Develop a business case by calculating the costs and savings of a BYOD program.
2. Segment the workforce based on work styles and common use cases.
3. Map workforce segments to planned service offerings like laptops, VDI, or mobile devices.
4. Define BYOD policies around minimum device standards, entitlements, and rules of use.
5. Design a new support model where IT supports applications and OS, while users support hardware.
Social networking and compliance 05 13-10 final
Presentation from May 13, 2010 webinar, hosted by NRS, on Social Networking: Compliance Challanges for AIs and BDs. Presented by
Similar to Acceptable Use Policy Making (20)
RegEd Social Media Basics Webinar Series - the social media policy
RegEd Social Media Basics Webinar Series - the social media policy
20110310 ARMA Northern CO Strategies and Policies for Social Media
20110310 ARMA Northern CO Strategies and Policies for Social Media
Some Proposed Principles for Interoperating Cloud Based Data Platforms
Some Proposed Principles for Interoperating Cloud Based Data Platforms
Extending Access Management into BCE - Scoping Study
Extending Access Management into BCE - Scoping Study
To meet the requirements for lab 10 you were to perform Part 1, S
To meet the requirements for lab 10 you were to perform Part 1, S
Building Digital Trust
: The role of data ethics in the digital age
Building Digital Trust
: The role of data ethics in the digital age
Extending Access Management
to Business & Community Engagement
- John Paschoud
Extending Access Management
to Business & Community Engagement
- John Paschoud
EHR Certification Requirements For Medical Practices
EHR Certification Requirements For Medical Practices
CCPA Compliance from Ground Zero: Start to Finish with TrustArc Solutions
CCPA Compliance from Ground Zero: Start to Finish with TrustArc Solutions
SharePoint Saturday Redmond - Don't Be Afraid of the "G" Word
SharePoint Saturday Redmond - Don't Be Afraid of the "G" Word
More from Dilum Bandara
Introduction to Machine Learning
Introduction to Machine Learning
Association Analysis
Supervised (inductive) learning
Training data includes desired outputs
Classification
Regression/Prediction
Unsupervised learning
Training data does not include desired outputs
Semi-supervised learning
Training data includes a few desired outputs
Reinforcement learning
Rewards from sequence of actions
Time Series Analysis and Forecasting in Practice
This document discusses time series analysis and forecasting. It covers the components of time series including trends, seasonality, cyclical patterns and irregular components. It then describes several approaches to forecasting including qualitative judgmental methods, statistical time series models and explanatory causal models. Specific statistical time series forecasting techniques are explained such as simple and exponential smoothing, linear regression models, and Holt-Winters seasonal models. The importance of evaluating forecast accuracy is also highlighted.
Introduction to Dimension Reduction with PCA
Dimension reduction techniques simplify complex datasets by identifying underlying patterns or structures in the data. Principal component analysis (PCA) is a common dimension reduction method that defines new axes (principal components) to maximize variance in the data. PCA examines correlations between these principal components and the original variables to identify sets of highly correlated variables and reduce them to a few representative components. Eigenvalues measure the amount of variance explained by each principal component, and scree plots can help determine how many components to retain by balancing information loss and simplification of the data.
Introduction to Descriptive & Predictive Analytics
This document provides an introduction to descriptive and predictive analytics. It discusses key concepts including descriptive analytics which uses data aggregation and mining to provide insights into past data, predictive analytics which uses statistical models and forecasts to understand the future, and prescriptive analytics which uses optimization and simulation to advise on possible outcomes. The document also reviews basic statistical concepts such as measures of location, dispersion, shape, and association that are important for data analytics. These concepts include mean, median, standard deviation, skewness, kurtosis, and correlation.
Introduction to Concurrent Data Structures
Blocking and nonblocking Techniques: Combining Tree, Compare-and-Swap (CaS)
Linked Lists, Queues, & Stacks: Bounded and unbounded
Hard to Paralelize Problems: Matrix-Vector and Matrix-Matrix
The document discusses several problems that are hard to parallelize, including matrix-vector multiplication and matrix-matrix multiplication. It describes 1D and 2D assignment approaches to parallelizing matrix-vector multiplication across multiple processors. 1D assignment distributes the rows of the matrix and vector across processors, while 2D assignment distributes them in a 2D grid. It also outlines map-reduce approaches to parallelizing vector-matrix and matrix-matrix multiplication, breaking the problems into mapping and reducing stages.
Introduction to Map-Reduce Programming with Hadoop
This document provides an overview of MapReduce programming with Hadoop, including descriptions of HDFS architecture, examples of common MapReduce algorithms (word count, mean, sorting, inverted index, distributed grep), and how to write MapReduce clients and customize parts of the MapReduce job like input/output formats, partitioners, and distributed caching of files.
Embarrassingly/Delightfully Parallel Problems
This document discusses embarrassingly parallel problems and the MapReduce programming model. It provides examples of MapReduce functions and how they work. Key points include:
- Embarrassingly parallel problems can be easily split into independent parts that can be solved simultaneously without much communication. MapReduce is well-suited for these types of problems.
- MapReduce involves two functions - map and reduce. Map processes a key-value pair to generate intermediate key-value pairs, while reduce merges all intermediate values associated with the same intermediate key.
- Implementations like Hadoop handle distributed execution, parallelization, data partitioning, and fault tolerance. Users just provide map and reduce functions.
Introduction to Warehouse-Scale Computers
Warehouse-Scale Computers and their programming model and workloads. Architectures and cloud computing
Introduction to Thread Level Parallelism
Multi-processors, Shared-memory architectures, Memory synchronization
Symmetric Multiprocessors (SMP)
Distributed Shared Memory (DSM)
Aspects of cache coherence - Coherence and Consistency
Shared-memory architectures - Snooping and Directory based
Memory synchronization
CPU Memory Hierarchy and Caching Techniques
COU Memory Hierarchy. Widening processor-memory performance Gap. Cache replacement options. Basic Cache Optimization Techniques
Data-Level Parallelism in Microprocessors
1. The document discusses data-level parallelism and summarizes vector architectures, SIMD instruction sets, and graphics processing units (GPUs). 2. It describes vector architectures like VMIPS that can perform operations on sets of data elements via vector registers. 3. It also explains how SIMD extensions like SSE exploit fine-grained data parallelism and how GPUs are optimized for data-parallel applications through a multithreaded SIMD execution model.
Instruction Level Parallelism – Hardware Techniques
Instruction Level Parallelism – Hardware Techniques such as Branch prediction (Static and Dynamic Branch Prediction).
Tomasulo Algorithm and Multithreading.
Instruction Level Parallelism – Compiler Techniques
Instruction Level Parallelism (ILP). Compiler techniques to increase ILP such as Loop Unrolling and Static Branch Prediction.
Dynamic Branch Prediction
Tomasulo Algorithm
Multithreading
CPU Pipelining and Hazards - An Introduction
Pipelining is a technique used in computer architecture to overlap the execution of instructions to increase throughput. It works by breaking down instruction execution into a series of steps and allowing subsequent instructions to begin execution before previous ones complete. This allows multiple instructions to be in various stages of completion simultaneously. Pipelining improves performance but introduces hazards such as structural, data, and control hazards that can reduce the ideal speedup if not addressed properly. Control hazards due to branches are particularly challenging to handle efficiently.
Advanced Computer Architecture – An Introduction
Introduction to advanced computer architecture, including classes of computers,
Instruction set architecture, Trends, Technology, Power and energy
Cost
Principles of computer design
High Performance Networking with Advanced TCP
High Performance Networking with TCP. TCP properties, UDP, flow control, Congestion Avoidance & Control, slow start, Congestion Control Review, TCP Tahoe & Reno
Introduction to Content Delivery Networks
Introduction to Content Delivery Networks.
CDN design options such as HTTP Redirects, DNS Based, Application Based, Name Based
Peer-to-Peer Networking Systems and Streaming
Introduction to P2P networking, including P2P systems, Unstructured vs. structured overlays, and P2P streaming, distributed hash table
Mobile Services
Introduction to mobile services like mobile IPTV, mobile social networking, and location-based services
More from Dilum Bandara (20)
Introduction to Descriptive & Predictive Analytics
Introduction to Descriptive & Predictive Analytics
Hard to Paralelize Problems: Matrix-Vector and Matrix-Matrix
Hard to Paralelize Problems: Matrix-Vector and Matrix-Matrix
Introduction to Map-Reduce Programming with Hadoop
Introduction to Map-Reduce Programming with Hadoop
Instruction Level Parallelism – Hardware Techniques
Instruction Level Parallelism – Hardware Techniques
Instruction Level Parallelism – Compiler Techniques
Instruction Level Parallelism – Compiler Techniques
Recently uploaded
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
The typical problem in product engineering is not bad strategy, so much as “no strategy”. This leads to confusion, lack of motivation, and incoherent action. The next time you look for a strategy and find an empty space, instead of waiting for it to be filled, I will show you how to fill it in yourself. If you’re wrong, it forces a correction. If you’re right, it helps create focus. I’ll share how I’ve approached this in the past, both what works and lessons for what didn’t work so well.
Essentials of Automations: Exploring Attributes & Automation Parameters
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...Pitangent Analytics & Technology Solutions Pvt. Ltd
Discover top-tier mobile app development services, offering innovative solutions for iOS and Android. Enhance your business with custom, user-friendly mobile applications.5th LF Energy Power Grid Model Meet-up Slides
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Dmitrii Kamaev, PhD
Senior Product Owner - QIAGEN
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
Tomaz Bratanic
Graph ML and GenAI Expert - Neo4j
Main news related to the CCS TSI 2023 (2023/1695)
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays, June 2024 with Maria Copot 20
Skybuffer SAM4U tool for SAP license adoption
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Northern Engraving | Nameplate Manufacturing Process - 2024
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
Choosing The Best AWS Service For Your Website + API.pptx
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
The Microsoft 365 Migration Tutorial For Beginner.pptx
This presentation will help you understand the power of Microsoft 365. However, we have mentioned every productivity app included in Office 365. Additionally, we have suggested the migration situation related to Office 365 and how we can help you.
You can also read: https://www.systoolsgroup.com/updates/office-365-tenant-to-tenant-migration-step-by-step-complete-guide/
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Generating privacy-protected synthetic data using Secludy and Milvus
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Gursev Pirge, PhD
Senior Data Scientist - JohnSnowLabs
Dandelion Hashtable: beyond billion requests per second on a commodity server
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
Recently uploaded (20)
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
Acceptable Use Policy Making
- 1. ACCEPTABLE USE POLICY MAKING CS5102 IT POLICY AND PLANNING DILUM BANDARA, PHD
- 2. Clear Ownership, but Blurred Use Organizational IT resources should be used only for the purposes that they are provided for Increasingly organizations are allowing users to use cooperate resources for personal use & vice versa COPE vs. BYOD What is acceptable & what’s not are getting blurred Organizations should have the right to inspect all data stored on or communicated via organizational resources without invading privacy of users 2
- 3. Acceptable Use Policy (AUP) Defines what’s acceptable & what’s not States the purpose why resources are provided It sets guidelines as to how computers, network, website, or system may be used It restrict the ways in which those resources may be used Defines the consequences of violating the rules of conduct Ensure compliance 3
- 4. Process Initiate & Establish Structure Review & Research Preparation of Draft Policy Circulation & Consultation Ratification & Communication Implementation Monitoring Review, Evaluation & Revision 4 Source: www.webwise.ie/teachers/acceptable-use-policy/how-to- develop-an-acceptable-use-policy-2/
- 5. Initiate & Establish Structure Define the teams who are responsible for preparation of AUP & approval of it Define policy scope Typically developed under the IT Council Approved by IT Advisory Board and/or CIO Board 5
- 6. Review & Research Develop an inventory of computers, network, websites, or systems may be used Consider both in-house & outside resources that users have access to Laptops, tablets, smartphones, Wi-Fi, e-Mail, Voice mail, Enterprise social networking platforms, cooperate accounts Identify types personal devices & resources they access/connect Determine pros & cons of covering these in UAP or a separate policy such as BYOD 6
- 7. Draft Policy Content Establish purposes for providing resources Define resources covered under AUP Define what is non-business use State the right to inspect & monitor State what is monitored, how, & under what circumstances State restrictions on solicitation State relevant laws & consequences of violation Contact information for clarifications & feedback 7
- 8. Process (Cont.) Circulation & Consultation Share with stakeholders Solicit feedback Ratification & Communication Obtain approval Then communicate to all stakeholders Implementation Phased enforcement Monitoring Regular (automated) checks Identify any overlooked issues Review, Evaluation & Revision Evolve as technology & use evolve Cover missing pieces 8
Editor's Notes
- Restrictions on solicitation – No political campaigns, fund raising