This document outlines an IT policy and guidelines for AORA IT. It discusses principles of acceptable use including maintaining systems, standardizing hardware and software for lower costs, and using IT facilities for work purposes only. It provides roles and responsibilities for the IT department in procuring, installing and maintaining equipment. Acceptable use policies are defined for desktops, laptops and printers including proper care, prohibited activities, and guidelines for securing and backing up data.

1. AORA IT POLICY
The Practical Approach
V.1.4
TECHNOLOGY DIVISION
By: Julian Hutabarat - June 2013

2. Policy vs. Procedure

3. Principles
Acceptable Use Policy
Principles
The purpose of the IT Policy is to ensure the effective protection and proper usage of the computer systems
within The Company. The IT investment of the organization is considerable, and the dependency on computer
technology in the delivery of the company services is high. The IT Policy will assist in maintaining systems at
operational level. Contraventions of the IT Policy could seriously disrupt the operation of the company and any
breaches will be treated seriously.
To ensure all IT equipment and software at AORA TV is procured in the most cost effective way and meets
minimum Company operating standards. A standardized network system, standard software and administrative
computing systems are essential for this, as is the standardization of the hardware that will run these systems.
This will result in lower IT costs for the Company.
The Company encourages the use of IT facilities to make work processes more efficient and effective. The
company IT assets, infrastructure and equipment remain the property of the companies at all times. The
Company provides these facilities in order to improve the productivity of employees in the course of executing
their job functions.
The company IT assets, infrastructure and equipment remain the property of the Companies at all times. The
Companies provides these facilities in order to improve the productivity of employees in the course of executing
their job functions.
The company IT facilities are intended to be for business purposes only and not for private/personal work. The
access to and use of Companies IT facilities is a privilege and not a right.
The standardization of PC and Notebook Computer Equipment assists in the optimization of company
investments and the supportability of our IT desktop standard environment including efficient operation and
provision of this system. Technology Division/IT Department is responsible for establishing standard
configurations of PC, Notebook Computer and Printer Equipment for the Company employees.

4. Guideline Acceptable Use Policy
Role of The Information Technology (IT)
1. The purchase, installation, configuration and maintenance of computer equipment are the
responsibility of the IT Department.
2. No new computers, printers, and/or any computer equipment shall be bought without
approval and authorization from the Technology Division/IT Department.
3. No software package is to be purchased and loaded without the approval and authorization
from the Technology Division/IT Department.
4. IT Department MUST ALWAYS be advised of :
a) All computer faults before anyone or any service provider from outside is called to fix
the problem.
b) Any computer equipment which is being moved from one location to another.
5. IT Department does not carry an inventory of extra hardware nor is it cost effective to have
hardware maintenance personnel on staff (Maintenance).
6. IT Department maintains an inventory of equipment and software. An annual inspection will
determine the equipment location, type, software applications, and operating systems
(Inventory).
7. IT Department will coordinate maintenance services, be the primary contact for making
service calls, monitor service levels, and recommend for the costs of maintenance.
8. IT Department will install standard equipment and software in the requesting department,
verify that it functions properly, and instruct the clients in its basic operation. Additional
training is the responsibility of the department (Installation & Testing).

5. Acceptable Use Policy for
Desktop, Laptop & Printer
This policy defines end-user acceptable use of company IT equipment. The policy applies to
desktops, laptops, printers, and other equipment provided by the Companies. Acceptable use
applies to proper care, handling and maintenance of equipment use.
User Responsibilities.
1. Users shall use company- provided IT equipment responsibly and for company business
purposes only. Appropriate use policies are;
2. Company information displayed on screens or on reports shall be treated as confidential
and private. Users must guard company information from unauthorized access or use. Any
employee-signed confidentiality agreement shall fully apply to information accessed with
company IT equipment.
3. Managers are responsible to ensure that their employees are adequately trained on
appropriate use of IT equipment and that they adhere to this policy.
4. Users may not grant access to non-employees, including vendors or contractors, without
approval of their manager or approval by the IT Department.
5. Users shall keep their equipment clean and free from dust. Users shall maintain “breathing
space” around equipment in accordance with equipment installation instructions.
6. Users shall not eat or drink at their workstation.
7. Desktop acceptable use policies apply equally to portable devices, including laptops and
notebooks.

6. Acceptable Use Policy for
Desktop & Laptop
User Responsibilities.
8. All acceptable use polices apply equally to non-company provided equipment if the
equipment accesses company information or company networks.
9. Users who access company information and computer systems from remote locations
must adhere to this policy..
10. Users should not store company information or files locally only. The use of shared or
network drives for all company information is required.
11. Users are responsible for backing up files stored on their desktop or laptop. The
Companies does not provide backups at the desktop level.
12. Costs incurred from damages or total loss of a desktop/notebook computer may be the
responsibility of the employee if the circumstances are caused by intentional damage,
improper care or neglect.
13. Users must be held accountable for unauthorized or illegal use of the company owned
personal computers.
14. Managers are responsible to ensure that their employees are adequately trained on
appropriate use of IT equipment and that they adhere to this policy.

7. Acceptable Use Policy for
Desktop & Laptop
Prohibited Practices
Any activity, action, or lack of action on the part of a user that damages the companies or
compromises security or confidentiality is prohibited. Examples of prohibited practices include:-
1. Installing new desktops or equipment without prior approval by the IT Department.
2. Upgrading equipment or adding peripheral equipment without prior approval of the IT
Department.
3. Downloading and/or installing programs that are not specifically approved by the IT
Department.
4. Using unlicensed software. Users may not copy and share software that is installed on
their desktops or laptops with other users.
5. Using programs or Internet web sites that compromise the privacy of customers or
employees.
6. Removing or compromising desktop virus protection programs.
7. Opening email attachments that are inappropriate or from someone you do not know.
8. Using company-provided IT equipment for non-business reasons or for personal gain.
9. Unauthorized attempts to break into any workstation.
10. Unauthorized access to company files, programs, databases, or confidential information.
11. Sending or posting confidential files to unauthorized persons.
12. Allowing co-workers or other users to use your desktop without approval of your manager
or by the IT Department.
13. Sharing password information or displaying it in plain view on or around your desktop.
Users must secure their passwords and not reveal them to others.

8. Guideline:
1. Shutdown your computer unit properly before leaving your working area.
2. Logout of finish session and lock computer when left unattended or should need to
be in locked offices when not in use.
3. Place Desktop on a flat and stable surfaces.
4. Always keep your computer clean and dry, avoid using it with wet hands.
5. Always disconnect the Desktop from the power outlet and disconnect peripherals
before attempting to clean your Desktop of its component.
6. Implement Anti-Virus software.
7. Protect confidential and sensitive information.
8. Regularly check for and apply vendor security updates for your operating system and
applications.
9. User is responsible for backing up any files from the desktop computer.
10. Data must be backed up on a regular basis, and the backups held in a secure location.
Proper handling of PC

9. Guideline:
1. Physically secure your machine or never leave an unsecured laptop computer
unattended.
2. Implement anti-virus software.
3. Protect confidential and sensitive information.
4. Scan email attachments before opening them
5. Use both hands when lifting and moving your laptop.
6. Close the screen and unplug the power supply when moving the laptop.
7. Keep food away from your laptop.
8. Always keep your hands clean while using your laptop.
9. Regularly check for and apply vendor security updates for your operating system and
applications.
10. Users is responsible for backing up and files from the notebook computer.
11. Data must be backed up on a regular basis, and the backups held in a secure location.
Proper handling of Notebook

10. Acceptable Use Policy for
Desktop, Laptop & Printer
Not each department will have a dedicated printer or networked printer. Full support is
provided for these printers. Departmental staff should be familiar with basic printer operation
(i.e. how to power the printer down/up, how to clear paper jams, etc.). The Help Desk provides
the first level of support for problems with these printers. Before calling for help, the individual
should check to see if others are able to print successfully to the printer so it can be determined
whether the problem lies with the printer or an individual's computer.
Guidelines
1. Laser Printers are cost effective for printing office documents and letters. The toner
cartridges can also be refilled at a lower cost than purchasing a new toner.
2. Dot Matrix printers are required for printing salary bills, Receipt payment and other
documents which require large sheets and carbonize of paper.
3. Inkjet Printers can be used wherever the volume of printouts required are low and also
when there is a need to take high resolution colored printouts.
4. To optimize the use of printers, a single heavy duty printer can be shared over a network
and used as a shared network printer by 2 or more officers thus reducing the cost for
maintenance and resulting in the optimum use of the printer.

11. 1. SMT & Manager (3rd Gen i5-3320M, Memory 4 Gb, 12.5 Inch, 320
GB HDD).
2. Engineer's (3rd Gen i5-3320M,
Memory 8 Gb, 14 Inch, 500 GB HDD).
3. Staff & Supervisor
(Intel® i3, Memory 4 GB, 14 Inch, 250 GB HDD).
Hardware Notebook Policy

12. Memory
1. Minimum Memory 4 GB for Standard Users
2. Minimum Memory 8 GB for Engineer Users
Operating System Windows
1. Windows 7 Home Basic for Regular Users
2. Windows 7 Pro, upon request
Computer Equipment Repair (Warranty):
1. Notebook for SMT and Manager Level are 3 years
2. Notebook for Staff or Supervisor are 1 years.
Hardware Notebook Policy

13. 1. Group Printer (HQ & Branches)
a) Xerox DocuPrint P255 dw
b) HP Laser Jet HP LaserJet (M1132 MFP)
c) HP Laser Jet HP LaserJet Pro (M1536DNF)
d) Epson Stylus Home Small-in-One Printers
e) Epson TM U220 ( Printer Payment )
f) Multifunction Copiers
Hardware Printer Policy
Document proposed by IT Infrastructure

14. Prepared by Julian Hutabarat