|
|
|
|
|
|
GUIDELINES FOR A POLICY ON INTERNET/INTRANET/EXTRANET Dear Jidaw, Subject: POLICY ON INTERNET/INTRANET/EXTRANET What are the likely things to consider when articulating a corporate policy on the above? Your suggestions will be highly appreciated. DP Reply: Dear DP, Thanks for your mail and here are some key points to note. Establishing an Internet policy to manage Internet, Intranet and Web use needs to be a corporate priority. Your corporate policy on Internet/Intranet/Extranet should be thorough and reflect corporate strategy for this computing environment and associated facilities. Policies should be written to be applicable to all scenarios within the organization. An Internet policy should include everything from the adoption and use of technology, as well as training issues. The purpose of the policy must be stated in an introduction. The scope of the policy as to who and what facilities should be clearly defined. This policy statement should provide specific instructions on the ways users would use facilities that are made available to them. The policy should include: 1. Conditions of use: Permitted uses and activities
/ Prohibited Uses and activities, i.e. Rights and Privileges, Privacy
rights, confidentiality, etiquette (professional and appropriate language),
public representations on the internet, Network monitoring, data and
application ownership, email retention, company's right to monitor,
executable graphics and/or programs, downloading, visiting pornographic
sites, sending abusive e-mail messages, personal email accounts, passwords,
appropriate use of software, systems, equipment, editorial control,
copyright. Specific procedures / controls / confirmations on downloads
2. Responsibilities and accountability of users. Separate user activities and accountability. The policy should have clear lines of authority and responsibility. 3. Violations – how are they treated and managed? Processes include: Disciplinary process, policy enforcement process, policy breach response process. These processes should allow you to Correct, Alert and Audit. 4. Signing off of policy agreement by all users. 5. There should be a contact point for questions about the policy. 6. It may be appropriate to include a section for definitions of the terms used in the policy. 7. There must be policy awareness. Since all Internet users are expected to be familiar with and comply with these policies, it should be accessible to all concerned. I hope you have found this useful. These guidelines are by no means an exhaustive list of what should be in your corporate Internet policy, but they are the foundation you should use to create an effective Internet / Extranet / Intranet policy. All the best with your policy formulation, Jide Awe Jide Awe is the Publisher of Jidaw.com. Contact him at md@jidaw.com For more coverage and information related to this
topic, head to the IT Articles and Management Resource Center:
|
|
