Cover Image


Take the Pain Out of IT Policies

出版商 Info-Tech Research Group 商品編碼 603317
出版日期 內容資訊 英文 89 Pages
商品交期: 最快1-2個工作天內
Back to Top
解決IT政策的問題 Take the Pain Out of IT Policies
出版日期: 2017年01月13日 內容資訊: 英文 89 Pages



可惜因為政策與流程容易被混淆、過於嚴格的政策被認為會影響企業的業務效率 (將此認知變成現實的實例也不少) 。



  • 讓組織需要的IT政策更為明確
  • 判別與評價IT部門面對的最大風險
  • 製作有效的政策
  • 討論政策相關構想
  • 再次評價IT政策效果
Product Code: 75057

Choose the tool that fits, then make sure you know how to use it.

Organizations that were highly satisfied with their IT policies were 3.7 times more likely to be highly satisfied with IT when compared to those organizations that did not have high satisfaction with their IT policies.

Policies, procedures, standards - they each have their specific purposes and functions within the context of corporate governance.

Unfortunately, policies and procedures are easily confused with each other, and this can lead to the perception (and often, the reality) that an organization has become too strict or rigid to perform efficiently.

Policies are a communication tool; they help your organization spread the message of what needs to be done and how it should be done.

Info-Tech's Blueprint helps IT professionals:

  • Identify the set of IT policies your organization needs.
  • Identify and assess IT's greatest risks.
  • Write effective policies.
  • Communicate policy initiatives.
  • Reassess the effectiveness of your IT policies

Executive Summary


The need for a new policy is generally initiated in response to a new regulatory compliance standard or industry framework, or because of a mandate from the business that requires some degree of guidance over a new initiative.


Approaching policy creation in this reactive manner often results in an excessive number of documents that are narrow in scope and don't address the underlying risk.

  • Policies lag behind changing business and technology demands and compliance requirements.
  • Employees complain that policies restrict them from doing their job.


  • Find the right balance between policy and process - understand your risk landscape to identify key policy areas. In areas where policy is not necessary, establish SOPs, best practices, and guidelines to prescribe behavior.
  • Policy work can be extremely tedious - start by aligning your policies with your greatest risks.
  • It's a misconception that your most severe risks each need a specific policy - write SOPs, standards, and guidelines to fit under your policy umbrella. Revise your policies regularly so you know they still enable your critical procedures.
  • Write your policies on the right level - policies need to be understandable to the parts of the organization they affect.
  • Develop an avenue for policy communication and make your policies available for reference in one place at any time.
  • Listen to the feedback you get from your employees and talk it out. The best way to get buy-in is to make your employees part of the policy process - use their feedback and analysis to revise your policies.
Back to Top