IT Policies

The importance of ITP

Targets and benefits of ITP

Today it’s almost impossible to find organizations of any size not using information technology (IT); moreover, the smaller the company the more it relies on automation or IT services. It is both a powerfull tool for business and, if not properly managed, a certain source of risks and hidden costs.

IT specialists inside organizations are expensive and should not be on payroll if IT is not the core business of the company, but even in those cases, outsourcing is a common practice; the task of harmonization of services and assets is impossible when relying on outsourcing for IT without previously defining criteria and policies for the matter. These policies must address company’s business rules and specific operational needs. Nonetheless, it’s a common bad practice in small organizations to bend company operations and processes to adopted software or services instead of all the way around. Fortunately, IT market is full of possibilities and an accurate selection of tools is the best recommended practice.

The Business IT Alignment

All companies and situations are different, but every company that uses computers, email, the internet, and software on a daily basis should have IT policies in place: these policies apply both for employees and IT sub-contractors and provide a vision and strategy for such an important asset as technology. Without an internal IT policy the company is subject to the risk of adopting vendor or third-parties policies implicitly. An important secondary benefit of owning an IT policy is the control and indipendence it grants from vendor strategies and vendor-lock-in practices that must be avoided.

Solving these important risks, saving costs, granting business-centric priority and indipendence is what we call the «Business IT Alignment«.

Target and control

Employees need to know what is expected and required of them when using the technology provided by their employer, and it is critical for a company to protect itself by having policies to govern areas such as personal internet and email usage, security, software and hardware inventory and data retention. It is also important for the business owner to know the potential lost time and productivity at their business because of personal internet usage. Contractors, on the other hand, must operate within the frame of customer’s IT policies for granting security, compliance, operations and, quality.

With Baermann

Although it seems a difficult task it is not indeed when relying on Baermann indipendent approach to the problem and it’s fundamental for yielding the much need of reliable systems working properly on a daily basis. Baermann helps customers to define these policies minimizing or eliminating unnecessary risks and hidden costs while putting business needs in the right priority of importance.

Guidelines

Without written policies, there are no standards to reference when both sticky and status quo situations arise, such as those highlighted above. So, what exactly are the IT policies? There are six areas that need to be addressed, for each area specific guidelines will be documented:

  1. AUT – Acceptable Use of Technology: guidelines for the use of computers, telephones and mobile devices, internet, company and external email services, voicemail and the consequences for misuse.
  2. Security: guidelines for passwords, levels of access to the network, internet navigation policies, anti-virus policies, data confidentiality, and storage and usage of data.
  3. Disaster Recovery: guidelines for data recovery in the event of a disaster, and data backup methods.
  4. Technology Standards: guidelines to determine the type of software, hardware, and systems will be purchased, supported and used at the company, including those that are prohibited.
  5. Network Set up and Documentation: Guidelines regarding how the network is configured, how to add new employees to the network, permission levels for employees, and licensing of software.
  6. IT Services: guidelines to determine how technology needs and problems will be addressed, who in the organization is responsible for technical support, maintenance, installation, and long-term technology planning.