General discussion


Who should write Policies and Procedures?

By Net Designer ·
Who do you think should write Network and Computer use Policies and Procedures: network administrator, overloaded with daily routine tasks and various IT projects, or IT Manager?

This conversation is currently closed to new comments.

92 total posts (Page 4 of 10)   Prev   02 | 03 | 04 | 05 | 06   Next
Thread display: Collapse - | Expand +

All Comments

Collapse -

Thanks for the advice - it was really good one

by Net Designer In reply to Look at the silver lining

I am not really much into management and politics, but will take your word of advice. Thanks again.

Collapse -

Have you try the Download section??

by IT_Lobo In reply to He said - "just get me a ...

Have you looked at the one TechRepublic has in the downloads??

Collapse -

Look at it this way

by LiamE In reply to He said - "just get me a ...

Look at it this way, think what the company wants from the policy and write up something quick and rough. Talk to any 'stakeholders' you can get hold of for 5 minutes and ask them what they want out of the policy.

If your manager has not given you input into what the policy should contain go ahead and find out for yourself. You may well find that he is under pressure to have a policy in place more to put a tick in a box than to actually manage anything.

Collapse -

Absolutely the Big Big Picture

by FRSAL In reply to He said - "just get me a ...

If techies could youre right, they would restrict everything a user does to mess up a pc or network. Not to mention the over zealous manager who thinks that all users are loosers.

If you look at the bigger picture what about a goverment installation or a school. Policy comes from the top they wrote it and we simply enforce it. I strongly believe it is not our role to dictate what can and can't be done. I use all automatic filters and windows policy that way I can say sorry it's not my call it is all automatic with regards to what you can and cannot do.

Collapse -

by TonytheTiger In reply to Strictly a management fun ...

I would say management's role is approval and enforcement of policy, not necesarily writing it. Management may not even know that there is a need for a particular policy or why.

Collapse -

Policy is

by Tony Hopkinson In reply to Who should write Policies ...

set by management, Procedures by those who have to implement them.
The policy can be very vague, like a mission statement. This is a help though, because it means you can justify the procedures you want against the policy.
Personally I favour no implementatioon details in the policy. You will meet legislative requirements, support the business function etc.

Procedures should be made and managed by the team. The last time I did this sort of thing, the manager never went near the content of the procedure, the only thing he cared about was that they implemented the policy.
What's the big issue at the monent in the department. Write a draft that could be seen to implement the vague appreciation you have of company policy your manager has given, then have him review it.
In your position I'd consider this a heaven sent opportunity to shine, but I like it when everybody in the company knows who I am. I don't care that they don't like what I've done, to chnage it all they have to do is get off their *** and contribute.

Collapse -

Depends on company culture, but the IT "team" is what I like best

by TomSal In reply to Who should write Policies ...

I know it seems obvious to many that the IT manager would make the policy, but its not so clear cut at some companies. Like this one for instance the "top" IT guy is also involved in overseeing the total operations of the business and he has little time to spend on IT policy by himself and to be honest, its more towards the end of his priority list than the top.

So what we do is approach it as a team effort. Then we logically talk about it what is going on in the company, where we feel we are exposed to vulnerabilities and lack of legal coverage (ie. no copying software, downloading unlicensed content, etc.).

For one policies aren't static, some things will stay the same of course, but other areas of policy adapts with time and newer technologies. The techs (me being one) know HOW AND WHY stuff works better than anyone else in the company so its logical to have their (our) input when dicussing IT policies.

Collapse -

by TonytheTiger In reply to Depends on company cultur ...

It doesn't seem obvious to me at all. The IT department is almost always subservient to other departments in a company. We provide what they need to help them do their jobs, not the other way around.

Collapse -

Yes, except you can't expect THEM to make policy

by TomSal In reply to

True. We provide services for the benefits of the other departments. Let's face in IT our customer is literally our fellow associates in all the other departments.

However when the subject is IT policy, certainly the other departments can't (or at least they shouldn't be allowed to) write the policy. That's like them writing their own rules for what they can download, the extent of freedom they have with surfing the web, etc.

I think IT policy should be drafted in the IT department, then passed to management for review, editing, approval, then IT finalizes it.

Collapse -

by TonytheTiger In reply to Yes, except you can't exp ...

It's is up to each employee's supervisor to determine what the employee is or isn't allowed to do on the job (within the limits given them from above, of course). It isn't up to the IT department. Ours is only to implement what is asked of us from above.

Back to IT Employment Forum
92 total posts (Page 4 of 10)   Prev   02 | 03 | 04 | 05 | 06   Next

Related Discussions

Related Forums