Policies, Plans and Procedures are at the core of a well-run IT department. They define how the IT department functions and what systems support those functions. These Policies, Plans, and Procedures describe what is to be done, who is responsible for making it happen and how the actions are executed and recorded. Generally Policies, Plans, and Procedures follow a hierarchical scheme with Policies at the top level which describe Plans. Plans describe what procedures are used to implement the Plan. Procedures detail the actions to be completed. Procedures may also require guides and work instructions to provide additional detail for procedure implementation.
Procedures may be implemented through systems which maintain information about actions taken when implementing the procedures. An example might include a corporate IT policy which identifies a Cyber Security plan as a key IT focus. The plan may identify several procedures for maintaining Cyber Security, such as a procedure for the use of passwords to access networks and software applications. In this example, Active Directory may be the system used to execute the password procedure.
At the top level, Policies should include a Corporate IT Policy. This policy may identify plans that address major areas such as a Cyber Security Program, Software Quality Assurance, Computer Systems Validation, and Knowledge Management. At the Plan Level, procedures may be defined for processes.
Why Should you Attend: What are reasonable and achievable best practices for your IT organization? Properly implemented Best Practices for IT controls are the basis of an efficient and effective IT services department and the foundation of IT Governance.
Whether your IT department is in-house, outsourced or a combination; for startups, small or mid-sized businesses:
- What happens to corporate IT services and knowledge when a key person or contractor leaves?
- How long does it take to restore IT services after an outage?
- How secure is your data?
- How quickly can your company be back up and running after a catastrophic event cripples your data center?
- How does IT support corporate regulatory compliance?
- What role does IT play in making IT investment decisions?
Having an IT Services department that is responsive to corporate needs is achieved through IT Governance with IT Controls at the core of governance. The triad of IT Governance, IT Management and IT Controls must be right-sized for your company.
The old adage of "if it is not written down it does not exist" applies not only to process control and cyber security, but is also a requirement for process improvement. Processes must be documented so they can be evaluated and measured. Without metrics there is no baseline for evaluating improvements.
This webinar helps to define the documentation and processes for achieving and maintaining high quality IT Services that support corporate processes and corporate growth, while also being responsive to employee’s needs. In this webinar we will discuss what are the core Policies, Plans and Procedures to define IT Controls. The types of systems to support these IT Controls will also be discussed.
Areas Covered in the Session:
- IT Governance
- Policies, Plans and Procedures
- Major components and considerations
- Policy Outline
- Policy Example
- Plan Outline
- Plan Examples
- SOP Outline
- Example SOPs
- Systems that support SOPs
- IT Governance
- Bringing it all together
- Right Sizing for your business
- Where to find more information
Who Will Benefit:
- IT Director
- IT Manager
- Business Unit Mangers
- QA Directors/Managers