IT Policies and Standards and associated guidelines are formulated to
direct and guide practices, to help ensure compliance with
laws, regulations and requirements, and to assist the organization in
reaching long-term goals.
Newly created policies and standards, or changes to existing ones, can be triggered by a variety of factors, such as:
The Information Technology Advisory Committee (ITAC) is a body appointed by the organization representing various stakeholder constituencies. ITAC is charged with the review of draft policies and standards and assists with the vetting of these proposals. IT Standards are reviewed annually by ITAC.
By establishing specific requirements for all members of the organization's community, policies and standards connect the organization's mission to individual conduct, institutionalizes impartial expectations, supports compliance with laws and regulation, mitigates institutional risk, and enhances productivity and efficiency in the organization's operations.
For background or information on these policies, or to provide feedback on drafts, please contact Jose Romero, Director, IT Infrastructure and Security at email@example.com.
IT Standards specify requirements for becoming compliant with IAD's IT policies, other institutional policies, as well as applicable
laws and regulations. Standards may include technical specifications
and are mandatory.
IAD Policies are statements of management philosophy and
direction, established to provide direction and assistance to IAD's community in the conduct of IAD mission and
objectives. The following IAD policies address information
Procedures are methods for complying with prescribed standards. These normally include step-by-step instructions and useful or required forms. These procedures should be followed to ensure compliance with all standards and policies.
For reasons of security or content procedures are not published. However, such procedures may be requested and provided upon request from the operational unit.