ict and business and society ict policy. introduction definition according to the web dictionary...
TRANSCRIPT
ICT AND BUSINESS AND SOCIETY
ICT POLICY
ICT Policy 2
INTRODUCTION
Definition According to the Web Dictionary defines and ICT Policy as:
“The rules and regulations set by the organization. Policy
determines the type of internal and external information resources employees can access, the kinds of programs they may install on their own computers as well as their authority for reserving network resources. Policy is also related to network quality of service (QoS), because it can define priorities by user, workgroup or application with regard to reserving network bandwidth”
Prepared by R. Kibuku
ICT Policy 3
INTRODUCTION
Definition 2 National ICT Policies
A national ICT policy sets out the nation’s aims, principles and strategies for the delivery of
Information and Communications Technology. If technology and industry are coming together around the internet, governments that decide policy and regulate industry must recognize this fact and adapt their policy-making accordingly.
Prepared by R. Kibuku
ICT Policy 4
OBJECTIVES OF AN ICT POLICY
The common objectives of ICT policies aspirations to meet:
i. Increasing the benefits from information technology
ii. Helping people and organizations to adapt to new circumstances and providing tools and models to respond rationally to challenges posed by ICT
iii. Providing information and communication facilities, services and management at a reasonable or reduced cost
iv. Improving the quality of services and products
Prepared by R. Kibuku
ICT Policy 5
OBJECTIVES OF AN ICT POLICY
v. Encouraging innovations in technology development, use of technology and general work flows
vi. Promoting information sharing, transparency and accountability and reducing bureaucracy within and between organizations, and towards the public at large
vii. Identifying priority areas for ICT development (areas that will have the greatest positive impact on programs, services and customers)
viii. Providing citizens with a chance to access information; they may further specify the quality of that access in terms of media, retrieval performance, and so on
Prepared by R. Kibuku
ICT Policy 6
OBJECTIVES OF AN ICT POLICY
ix. Attaining a specified minimum level of information technology resources for educational institutions and government agencies
x. Supporting the concept of lifelong learning
xi. Providing individuals and organizations with a minimum level of ICT knowledge, and
xii. the ability to keep it up to date
xiii. Helping to understand information technology, its development and its cross disciplinary impact
Prepared by R. Kibuku
ICT Policy 7
REQUIREMENTS OF ICT POLICY
A good ICT policy Policy should be established to meet the following criterion;
i. Ensure confidentiality is always maintained.
ii. Ensure the integrity of the information is maintained.
iii. Ensure Data access and use conforms with regulations in regard to the Data Protection Act.
iv. Provide guidelines for the conditions of acceptance and the appropriate use of the computing and networking and digital resources
Prepared by R. Kibuku
ICT Policy 8
REQUIREMENTS OF ICT POLICY
v. Provide mechanisms for responding to external complaints about actual or perceived abuses originating from the organization network and computer systems.
vi. Provide the mechanism for responding to internal complaints about actual or perceived abuses against Organization systems from the internet.
vii. Protect the privacy and integrity of data stored on the Organization’s network.
viii. Mitigate the risks and losses from security threats to computer and network resources such as virus attacks and compromises of network systems.
Prepared by R. Kibuku
ICT Policy 9
REQUIREMENTS OF ICT POLICY
ix. Reduce interruptions and ensure a high availability of an efficient network essential for sustaining the business of the Organization.
x. Encourage users to understand their own responsibility for protecting the organization network.
xi. To ensure compliance without limitation to Statutes and Regulatory frameworks.
Prepared by R. Kibuku
ICT Policy 10
ICT POLICY DOCUMENT
Definition- An ICT policy document - document that stipulates the
rules, laws and regulations the govern the implementation and the use of ICT within an organization and within nations at large.
Contents of the Document i. Definitions
ii. Audience
iii. Introductions
iv. Laws and regulations
v. Management
Prepared by R. Kibuku
ICT Policy 11
ICT POLICY DOCUMENT
The following are the items on the ICT policy document
1. Definitions – This section defines terms used within this policy document.
2. Audience – This section states the audience to which this document applies.
3. Introduction – This section provides an overview of the policy.
Prepared by R. Kibuku
ICT Policy 12
ICT POLICY DOCUMENT
4. Relevant laws and regulations – Covering the underpinning legislative framework which incACCEPTABLE USE POLICYlude. The Copyright, Designs and Patents Act 1988 The Data Protection Act 1998 The Human Rights Act 1998 The Computer Misuse Act 1990 The Regulation of Investigatory Powers Act 2000 The Freedom of Information Act 2000 The Electronic Communications Act 2000 The Digital Economy Act 2010
Prepared by R. Kibuku
ICT Policy 13
ICT POLICY DOCUMENT
5. Management – This section covers the management responsibilities such as incident handling, reviewing this policy and communication of this policy to users. Authorize use of ICT facilities Ensure staff comply with this policy when using ICT
facilities monitor the use of ICT facilities assist in dealing with breaches in line with the
guidance in this policy
Prepared by R. Kibuku
ICT Policy 14
POLICY GUIDELINES
Policy and guidelines relating to the following areas of Computer Use includes two main areas: 1. Acceptable Use Policies
2. Backup and Business Continuity Policy
Prepared by R. Kibuku
ICT Policy 15
ACCEPTABLE USE POLICY
1. General: policy that applies no matter how you access the company network.
i. Authenticate using a valid usercode.
ii. disclosure to others any password or other information that could be used to gain access to your own or any other account and you should not use another person’s user code.
iii. responsible and financially liable for all computer activity related to individual IT account – this includes both incoming and outgoing Internet traffic.
Prepared by R. Kibuku
ICT Policy 16
ACCEPTABLE USE POLICY
iv. No person shall without authority: access or attempt to gain access to any computer system or facility; obtain, copy, or in any way remove any information from a system; in any way modify or interfere with or erase any information on a system; use any computer system or facility in such a way as to contravene any
requirements for its use notified by a Manager; remove, disconnect, tamper or otherwise interfere with any physical
component or components of a computer system; subvert, or attempt to subvert, any user identification and/or authentication
scheme on any system; cause or attempt to cause any computer system to fail or deny service to any
authorized user; assist any person to do any of the above
Prepared by R. Kibuku
ICT Policy 17
ACCEPTABLE USE POLICY
2. Record retention Information life cycle: obligations with regard to saving important electronic information. Complying with relevant record keeping laws, regulations, and standards, which will apply to all records regardless of format, including paper and electronic records Confidentiality, integrity, complete etc
Prepared by R. Kibuku
ICT Policy 18
ACCEPTABLE USE POLICY
3. Privacy of Personal information: Personal data and information should be retained in the manner and for as long as it is required as per laws, regulations and rules governing such data and information.
Such data and information should be divulged only in accordance with rules and regulations governing such release. (The Data Protection Code of Practice when available, would provide appropriate guidelines
Prepared by R. Kibuku
ICT Policy 19
ACCEPTABLE USE POLICY
4. Internet Usage: use the Internet in a safe and controlled manner. Inappropriate use of the Internet can create unnecessary risks to our business. Inappropriate use includes:
i. Accessing Internet sites that contain obscene, hateful or pornographic material;
ii. Using the Internet to perpetrate any form of fraud, software or music piracy;
iii. Using the internet to send offensive or harassing material to other users;
Prepared by R. Kibuku
ICT Policy 20
ACCEPTABLE USE POLICY
iv. Accessing or downloading copyrighted information in a way that violates copyright;
v. Downloading commercial software or any copyrighted materials belonging to third parties, unless this download is covered or permitted under a commercial agreement or other such license and is approved in writing by the Head of ICT and Marketing;
Prepared by R. Kibuku
ICT Policy 21
ACCEPTABLE USE POLICY
vi. Hacking or attempting to hack into unauthorised areas;
vii. Undertaking deliberate activities that waste users’ effort or networked resources; and
viii. Use of peer to peer file sharing applications, including applications to download and share music or videos over the Internet.
Prepared by R. Kibuku
ICT Policy 22
ACCEPTABLE USE POLICY
5. Email use: policy relating specifically to the use of email. Looks at issues such as
i. Creating or distribute chain letters, "junk" or "spam" (mass, unsolicited) mail;
ii. send anonymous email;
iii. disrupt another person’s activities;
iv. harass another person or send unwanted offensive material;
v. forge email messages to make them appear to come from another person;
Prepared by R. Kibuku
ICT Policy 23
ACCEPTABLE USE POLICY
vi. read, delete, copy or modify email under the control of other users without authorization
vii. pursue commercial activities, including sending "for-profit" messages or advertisements, unless on behalf of the University or its associated organisations such as Canterprise;
viii. introduce viruses;
ix. download un-authorised software without approval;
x. intentionally engage in illegal activities
Prepared by R. Kibuku
ICT Policy 24
ACCEPTABLE USE POLICY
6. Use of company owned computer facilities
7. ICT management: ICT Governance; The organization’s senior management, structures and processes shall ensure that the organization’s ICT supports, sustains and extends the organization’s goals, objectives and strategies.
8. Connection of equipment to the company network: policy relating to connecting equipment such as laptop computers, modems, routers etc to the University network.
Prepared by R. Kibuku
ICT Policy 25
BACKUP AND BUSINESS CONTINUITY POLICY
Its concerns include Retention and Archive Policy What to backup up Frequency of backup Types of backup Backup Facilities Recovery procedures
Prepared by R. Kibuku