ICT AND BUSINESS AND SOCIETY ICT POLICY. INTRODUCTION Definition According to the Web Dictionary...

ICT AND BUSINESS AND SOCIETY

ICT POLICY

ICT Policy 2

INTRODUCTION

Definition According to the Web Dictionary defines and ICT Policy as:

“The rules and regulations set by the organization. Policy

determines the type of internal and external information resources employees can access, the kinds of programs they may install on their own computers as well as their authority for reserving network resources. Policy is also related to network quality of service (QoS), because it can define priorities by user, workgroup or application with regard to reserving network bandwidth”

Prepared by R. Kibuku

ICT Policy 3

INTRODUCTION

Definition 2 National ICT Policies

A national ICT policy sets out the nation’s aims, principles and strategies for the delivery of

Information and Communications Technology. If technology and industry are coming together around the internet, governments that decide policy and regulate industry must recognize this fact and adapt their policy-making accordingly.


ICT Policy 4

OBJECTIVES OF AN ICT POLICY

The common objectives of ICT policies aspirations to meet:

i. Increasing the benefits from information technology

ii. Helping people and organizations to adapt to new circumstances and providing tools and models to respond rationally to challenges posed by ICT

iii. Providing information and communication facilities, services and management at a reasonable or reduced cost

iv. Improving the quality of services and products


ICT Policy 5


v. Encouraging innovations in technology development, use of technology and general work flows

vi. Promoting information sharing, transparency and accountability and reducing bureaucracy within and between organizations, and towards the public at large

vii. Identifying priority areas for ICT development (areas that will have the greatest positive impact on programs, services and customers)

viii. Providing citizens with a chance to access information; they may further specify the quality of that access in terms of media, retrieval performance, and so on


ICT Policy 6


ix. Attaining a specified minimum level of information technology resources for educational institutions and government agencies

x. Supporting the concept of lifelong learning

xi. Providing individuals and organizations with a minimum level of ICT knowledge, and

xii. the ability to keep it up to date

xiii. Helping to understand information technology, its development and its cross disciplinary impact


ICT Policy 7

REQUIREMENTS OF ICT POLICY

A good ICT policy Policy should be established to meet the following criterion;

i. Ensure confidentiality is always maintained.

ii. Ensure the integrity of the information is maintained.

iii. Ensure Data access and use conforms with regulations in regard to the Data Protection Act.

iv. Provide guidelines for the conditions of acceptance and the appropriate use of the computing and networking and digital resources


ICT Policy 8


v. Provide mechanisms for responding to external complaints about actual or perceived abuses originating from the organization network and computer systems.

vi. Provide the mechanism for responding to internal complaints about actual or perceived abuses against Organization systems from the internet.

vii. Protect the privacy and integrity of data stored on the Organization’s network.

viii. Mitigate the risks and losses from security threats to computer and network resources such as virus attacks and compromises of network systems.


ICT Policy 9


ix. Reduce interruptions and ensure a high availability of an efficient network essential for sustaining the business of the Organization.

x. Encourage users to understand their own responsibility for protecting the organization network.

xi. To ensure compliance without limitation to Statutes and Regulatory frameworks.


ICT Policy 10

ICT POLICY DOCUMENT

Definition- An ICT policy document - document that stipulates the

rules, laws and regulations the govern the implementation and the use of ICT within an organization and within nations at large.

Contents of the Document i. Definitions

ii. Audience

iii. Introductions

iv. Laws and regulations

v. Management


ICT Policy 11

ICT POLICY DOCUMENT

The following are the items on the ICT policy document

1. Definitions – This section defines terms used within this policy document.

2. Audience – This section states the audience to which this document applies.

3. Introduction – This section provides an overview of the policy.


ICT Policy 12

ICT POLICY DOCUMENT

4. Relevant laws and regulations – Covering the underpinning legislative framework which incACCEPTABLE USE POLICYlude. The Copyright, Designs and Patents Act 1988 The Data Protection Act 1998 The Human Rights Act 1998 The Computer Misuse Act 1990 The Regulation of Investigatory Powers Act 2000 The Freedom of Information Act 2000 The Electronic Communications Act 2000 The Digital Economy Act 2010


ICT Policy 13

ICT POLICY DOCUMENT

5. Management – This section covers the management responsibilities such as incident handling, reviewing this policy and communication of this policy to users. Authorize use of ICT facilities Ensure staff comply with this policy when using ICT

facilities monitor the use of ICT facilities assist in dealing with breaches in line with the

guidance in this policy


ICT Policy 14

POLICY GUIDELINES

Policy and guidelines relating to the following areas of Computer Use includes two main areas: 1. Acceptable Use Policies

2. Backup and Business Continuity Policy


ICT Policy 15

ACCEPTABLE USE POLICY

1. General: policy that applies no matter how you access the company network.

i. Authenticate using a valid usercode.

ii. disclosure to others any password or other information that could be used to gain access to your own or any other account and you should not use another person’s user code.

iii. responsible and financially liable for all computer activity related to individual IT account – this includes both incoming and outgoing Internet traffic.


ICT Policy 16


iv. No person shall without authority: access or attempt to gain access to any computer system or facility; obtain, copy, or in any way remove any information from a system; in any way modify or interfere with or erase any information on a system; use any computer system or facility in such a way as to contravene any

requirements for its use notified by a Manager; remove, disconnect, tamper or otherwise interfere with any physical

component or components of a computer system; subvert, or attempt to subvert, any user identification and/or authentication

scheme on any system; cause or attempt to cause any computer system to fail or deny service to any

authorized user; assist any person to do any of the above


ICT Policy 17


2. Record retention Information life cycle: obligations with regard to saving important electronic information. Complying with relevant record keeping laws, regulations, and standards, which will apply to all records regardless of format, including paper and electronic records Confidentiality, integrity, complete etc


ICT Policy 18


3. Privacy of Personal information: Personal data and information should be retained in the manner and for as long as it is required as per laws, regulations and rules governing such data and information.

Such data and information should be divulged only in accordance with rules and regulations governing such release. (The Data Protection Code of Practice when available, would provide appropriate guidelines


ICT Policy 19


4. Internet Usage: use the Internet in a safe and controlled manner. Inappropriate use of the Internet can create unnecessary risks to our business. Inappropriate use includes:

i. Accessing Internet sites that contain obscene, hateful or pornographic material;

ii. Using the Internet to perpetrate any form of fraud, software or music piracy;

iii. Using the internet to send offensive or harassing material to other users;


ICT Policy 20


iv. Accessing or downloading copyrighted information in a way that violates copyright;

v. Downloading commercial software or any copyrighted materials belonging to third parties, unless this download is covered or permitted under a commercial agreement or other such license and is approved in writing by the Head of ICT and Marketing;


ICT Policy 21


vi. Hacking or attempting to hack into unauthorised areas;

vii. Undertaking deliberate activities that waste users’ effort or networked resources; and

viii. Use of peer to peer file sharing applications, including applications to download and share music or videos over the Internet.


ICT Policy 22


5. Email use: policy relating specifically to the use of email. Looks at issues such as

i. Creating or distribute chain letters, "junk" or "spam" (mass, unsolicited) mail;

ii. send anonymous email;

iii. disrupt another person’s activities;

iv. harass another person or send unwanted offensive material;

v. forge email messages to make them appear to come from another person;


ICT Policy 23


vi. read, delete, copy or modify email under the control of other users without authorization

vii. pursue commercial activities, including sending "for-profit" messages or advertisements, unless on behalf of the University or its associated organisations such as Canterprise;

viii. introduce viruses;

ix. download un-authorised software without approval;

x. intentionally engage in illegal activities


ICT Policy 24


6. Use of company owned computer facilities

7. ICT management: ICT Governance; The organization’s senior management, structures and processes shall ensure that the organization’s ICT supports, sustains and extends the organization’s goals, objectives and strategies.

8. Connection of equipment to the company network: policy relating to connecting equipment such as laptop computers, modems, routers etc to the University network.


ICT Policy 25

BACKUP AND BUSINESS CONTINUITY POLICY

Its concerns include Retention and Archive Policy What to backup up Frequency of backup Types of backup Backup Facilities Recovery procedures


ICT AND BUSINESS AND SOCIETY ICT POLICY. INTRODUCTION Definition According to the Web Dictionary...

Documents

Transcript of ICT AND BUSINESS AND SOCIETY ICT POLICY. INTRODUCTION Definition According to the Web Dictionary...