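2009 ISACA & itSMF Joint International Conference, June 16!

http://www.isaca-itsmf-conference.co.kr/agenda.html [Click!]

The joint conference, the largest of the official events ISACA holds each year, takes place on June 16. John Thorp, the leading authority on Val IT, is coming too...!!!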

by 더홍 | 2009/06/07 20:26 | IS Audit

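20090523, A Star Has Fallen

At first I could not support you, because I did not have the right to vote then.
The next time it was the same, because there was no one worthy of following after you.
Next time I sincerely hope I will be able to give my support, although as things stand now nothing can be guaranteed...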

by 더홍 | 2009/05/24 09:00 | Thoughts

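The book I read this weekend...

Reading is still the best means we have of seeing the world as it is. When you relate what you read to reality, you come to see how much garbage reporting overflows in the mass media we encounter every day, such as newspapers and the news. Seeing how the countless lies and hypocrisy are expressed in the mass media, I find a certain enjoyment each time I spot one. I think the knowledge gained through books and reflection provides the best insight for 'filtering' out the fake information lying all around.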

by 더홍 | 2009/04/12 23:39 | Thoughts

Policy vs Standard vs Guideline vs Practice

A piece that gives a good overview of the differences between Policy vs Standard vs Guideline vs Practice...

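The difference between a company where this framework is well established and one where it is not is obvious without even looking.

It may not look like much, but the fact is that just creating these documents costs money and takes a lot of trial and error.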

When you work in a Control department and a User department asks why something is not allowed, you need to be well versed in material like the following to have an answer.

I felt this keenly not long ago... and am studying again. Governance is not something far away.

If your department's cabinet at work holds a well-established Policy, Standard, and Guideline, you are working at a really decent company. Let's memorize them all starting today!

==========================================================
IT Policies, Standards, Guidelines, Practices

General Background

Policies, standards, guidelines, and practices exist in a sort of hierarchy. Policies tend to be short, concise, and more centered on principles than technical or process details. As you move from policies towards guidelines you may accrue more detail but you lose some of the weight of enforcement carried by policies.

Policy, standard, guideline, and practice documentation all require periodic review.  Information Technology is rapidly evolving, and we have to be careful to not unduly constrain ourselves through an outdated frame of reference. 

Each of these artifacts should also have an owner.  The owner is responsible for maintaining them as well as resolving questions regarding them.  The owner can be a role such as CIO, a committee such as the Board of Trustees, or nominally a unit or department such as NSIT.  While an individual can be responsible for guiding a draft statement to adoption, individuals should not be considered the owner once adopted.

Each of these may also have a scope.  For example, some standards may be university-wide and some may be departmental or workgroup standards.  In the event of a conflict between a local standard or policy and one from a higher level, the policy or standard with the broadest scope generally supersedes the local form.  So, a university-wide policy will always supersede a departmental policy unless the university explicitly makes allowances for departmental autonomy in the particular instance.

The scope, owner, and date of last review should all be made obvious to those who need to be informed of the artifact in question.

Policies


A policy is a high level statement of agreed upon principles. In most cases, policies should be concise and not technically detailed.  Policies should have some enduring value that is at least somewhat resistant to the rapid pace of technological change.

Policies must be followed unless the policy itself creates an exception process for extraordinary circumstances.  There are generally consequences for not following a policy, potentially legal or procedural.

Information Technology policies for which NSIT is responsible may be found through the NSIT Policies web page.

The mockup for the next generation NSIT Policies page can be found here.

Policy statements being proposed for consideration in some draft or strawman form may be found here.

Standards

A standard is a statement of the agreed upon correct process or technology for addressing a common requirement.  A standard may relate to a policy by being a statement of the agreed upon way in which a particular policy is instantiated.

There are likely to be consequences for choosing to not follow a standard.  These consequences may not be obvious to the individual, but may cause some difficulty, increased cost, or impaired function elsewhere within the University, department, or unit.  Therefore, a decision to not follow an approved standard may result in that decision being overruled.

Current standards may be found here.

Draft standards may be found here.

Guidelines

A guideline is a recommended process or technology whose implementation or adoption would cause some generally perceived benefit to accrue to the institution, individual, department, or unit.  An individual or unit may choose to not follow a particular guideline, but the usual benefit may be lost.  Therefore, there should be some greater benefit that could be articulated to explain why the alternative choice was made.

Current guidelines may be found here.

Draft guidelines may be found here.

Practices

Practices are the methods and procedures used to implement policies and standards.  Best practices are those practices which have been found to provide the greatest benefit in some measure such as reduced cost, improved efficiency, greater sustainability, etc.

by 더홍 | 2009/03/14 23:31

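New to the Working World

Having tossed my graduation cap... I am now in my fourth month of working life...

The best company, a department that matches the career path I had in mind 100%, and the best people...

I am experiencing IT Governance firsthand, and the Control Objectives are gradually coming into view.

There is still a long way to go.

But I am happy!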

by 더홍 | 2009/03/10 21:55 | Thoughts
