Information Technology policies will assist your organisation to set a baseline of what is expected from both the investment you have made and the staff who use or support that investment. Whilst policies do not deliver your strategy, they will set the boundaries to ensure your strategy moves in the right direction to support the organisation.
Policies should be clear, concise, consistent and as much as possible in plain language. Stakeholders should be consulted in developing policies where applicable as this will help with compliance down the track. Some organisations may look to bundle like policies together, which can be useful, but resist the temptation to make policies too extensive as this will be harder for staff to digest. Some policies are also necessary for legal compliance, one example is the mandatory data breach notification, which came into effect in 2017, requiring an organisation that has their data compromised, to now report this to the Australian Information Commissioner.
- Acceptable Use
- Information Use
- Security/Access Control
- Disaster Recovery
- Standard Operating Environment (SOE)
- Internet Use
- Mobile devices
- Social Media
- Disposal of IT
If you would like assistance in identifying and developing the relevant policies for your organisation, please contact us on this website or 0417 811 392