SOFTWARE ASSET MANAGEMENT POLICY
|
|
- Herbert Jenkins
- 7 years ago
- Views:
Transcription
1 SOFTWARE ASSET MANAGEMENT POLICY
2 Metadata Author.Contributor Derrick Bates Coverage.spatial UK, Cumbria Creator ICT Client Team Organisational Development Date.issued 1 st May 2008 Description The document sets out the corporate policies and procedures for the management of corporate software assets. Format Txt Identifier Language Eng Publisher Cumbria County Council Rights.copyright Cumbria County Council Status Version 1.0 Final Subject.category Software Asset Management Subject.keywords Asset management; licence; compliance; piracy; fast; resources; retrieval; policy; strategy; security; users Title Cumbria County Council Software Asset Management Policy Distribution Issue Date Version Name Title Revision History Document Status Date Reason for review Author ID.version V 0.1 Draft Creation D Bates V 0.2 Draft Amended D Bates V 0.3 Draft Further amendments D Bates V 0.4 Draft Further amendments D Bates V 1.0 Live Final D Bates Approval Name Position Date Signature A Cook HIT & BI 01/05/08 These Policies replace all previous versions and amendments to Council software management policies. It applies to all Members, employees, temporary and contract workers of Cumbria County Council. Page 2 of 10
3 Table of Contents 1 INTRODUCTION SOFTWARE ASSET MANAGEMENT POLICY STATEMENT SOFTWARE ACQUISITION SOFTWARE DELIVERY SOFTWARE INSTALLATION SOFTWARE MOVEMENTS SOFTWARE RETIREMENT SOFTWARE DISPOSAL COMPLIANCE AND DOCUMENTATION FONTS EVALUATION (FREEWARE & SHAREWARE) GAMES & SCREENSAVERS INTERNET DOWNLOADS ATTACHMENTS MOBILE/LAPTOP USERS AUDITING DISASTER RECOVERY DISCIPLINARY PROCEDURES FOR BREACH APPENDIX 1 PROCEDURES...8 Page 3 of 10
4 19.1 Acquisition, Delivery & Installation Movements Retirement & Disposal Fonts Evaluation (Freeware and Shareware) Games & Screensavers Internet Downloads Attachments Mobile/Laptop Users Auditing Disaster Recovery Disciplinary Procedures for Breach...10 Page 4 of 10
5 1 Introduction The document supports the Council s compliance with current statutes and regulations as well as British and International Standards for Software Asset Management (SAM). It lays down the Council s policies and procedures in respect of management of its software assets. The means of signifying agreement with these policies and procedures is through the Council s Acceptable Use Policy. As at publication date and for the purposes of this document the ICT Strategic Partner is Agilisys. 2 Software Asset Management Policy Statement It is the policy of Cumbria County Council to respect all computer software copyrights and adhere to the Terms & Conditions of any licence to which Cumbria County Council is a party. Cumbria County Council will not condone the use of any software that does not have a licence and any employee found to be using, or in possession of unlicensed software may be the subject of disciplinary procedures. It is the responsibility of all Cumbria County Council employees, consultants, temporary or contract workers to read, fully understand and signify agreement to Cumbria County Council s Acceptable Use Policy. 3 Software Acquisition All computer software acquired by the Council must be purchased through the ICT Strategic Partner. No user may purchase software directly and the purchase of software by any other means such as credit cards, expense accounts or petty cash is expressly forbidden. Specialist software for use by the disabled must be accompanied by an assessment from Occupational Health. 4 Software Delivery All newly purchased software will be delivered to the ICT Strategic Partner so that licences can be checked and Asset Registers updated. No other staff may take delivery of computer software. 5 Software Installation Computer software can only be installed by the ICT Strategic Partner, under no circumstances is computer software be installed by any other Council staff. Page 5 of 10
6 6 Software Movements All staff or department moves must be controlled through the corporate Office Move procedure so that the appropriate software can be added or removed and asset registers updated. 7 Software Retirement The retirement of Software/Hardware used by the Council may only be carried out by the ICT Strategic Partner. 8 Software Disposal The Disposal of Software/Hardware used by the Council may only be carried out by the ICT Strategic Partner in compliance with the Waste Electrical and Electronic Equipment (WEEE) Directive. 9 Compliance and Documentation All licences, invoices and original media for all of the software in use in Council premises are to be held securely by the ICT Strategic Partner. All media must be signed in and out by an authorised person as defined by the Strategic ICT Partner. A periodic check will be carried out by the IT Security Officer to ensure the actual media matches with the inventory. 10 Fonts Font software is bound by the same policies and procedures as all software. No user may install any font software onto Council systems. 11 Evaluation (Freeware & Shareware) Shareware, Freeware & Public Domain software is bound by the same policies and procedures as all software. No user may install any free or evaluation software onto Council systems. 12 Games & Screensavers The Council does not permit the use of any games or screensavers other than those previously agreed by line managers, or the games and screensavers which form part of your operating system Page 6 of 10
7 13 Internet Downloads No software, whatsoever, may be downloaded from the Internet. 14 Attachments Users may not load or use any software received via . Sharing software via is prohibited. 15 Mobile/Laptop Users Council software policies apply to mobile users and all laptops will be equipped with auditing software for regular checks. 16 Auditing All users must be aware that the Council electronically audits all computers on a regular basis. Sample random audits also may be carried out. 17 Disaster Recovery The owner of every business process and support process is responsible for ensuring that an appropriate business resumption risk assessment is carried out. Where that resumption includes the redeployment or reinstallation of software in support of business activities the software licencing must comply with this Policy and the conditions of the original Vendor licence. 18 Disciplinary Procedures for Breach The Council s software policies are implemented to safeguard the Council from the many varying laws surrounding software use. Any user found to be in breach of these policies may be subject to disciplinary procedures. Page 7 of 10
8 19 Appendix 1 Procedures 19.1 Acquisition, Delivery & Installation The user is to call the ICT Strategic Partner Service Desk requesting a quote for the software and obtain a reference number. Complete the online Equipment Request Form using the supplied reference number. Obtain the relevant authorisation signature and pass to the ICT Client Team as a Non Standard Request. Once delivered, the software will be added to the Authorised Software List against the specific user. The software will then be identified to the audit tool and loaded to the user s workstation by the ICT Strategic Partner. The software will be added to the Definitive Software List and the media will be placed in the secure storage area, controlled by the ICT Strategic Partner Movements In the event of staff relocations Departmental Managers are to complete the online Office Move Form. As part of this procedure they are to ascertain whether new software will be required. Old software can be re-distributed and the new locations of staff, hardware, network points and software for the asset register recorded by the Strategic ICT Partner Retirement & Disposal Once a computer is deemed ready for disposal, all software will be removed. Where the licence permits, the software will be re-used, stored for future use or retired. Software purchased as part of a computer will be disposed of with the computer as these licences are non-transferable. All Council data will be removed and the hard disk will be securely cleaned or physically destroyed. The asset register will be updated and the certificate of disposal/destruction will be held on file Fonts Where a user has a valid business requirement for a specific font they will use the standard software acquisition procedure Evaluation (Freeware and Shareware) Where a user has a valid business requirement for a piece of shareware or freeware they will use the standard software acquisition procedure. Upon the appropriate management agreements, the software will be obtained, tested and loaded to the user. Page 8 of 10
9 If this software is shareware, and requires deletion or licensing after a trial period, the user will be contacted one week prior to the end of trial date to ascertain whether he or she wishes to retain use of the software. If the software is to be retained usual acquisition procedures will be followed. If it is not required the software will be completely uninstalled Games & Screensavers Before being delivered to the user, the ICT Strategic Partner will ensure that the computer is loaded with software to corporate standards and the screensaver is set to enable after a static period of 5 minutes with a password required to gain access Internet Downloads If a user has a valid and approved reason for an item of software available on the internet, he/she will inform the ICT Client Team using the standard software acquisition procedure. The ICT Client Team and the ICT Strategic Partner will then check the licensing requirements for the software, where appropriate purchase a licence, download the software, virus check the download and benchmark the software, prior to delivery to the end user Attachments If you receive any unexpected files, which do not appear to be standard business documents, inform the IT Security Officer and the ICT Strategic Partner immediately Mobile/Laptop Users Laptops used as a primary access mechanism through a docking station in a Council office will be subject to the same audit regime as desktop machine. Users with laptops that are not regularly attached to the Council network will be subject to periodic recall for update and audit. See Auditing Auditing The Council uses auditing software on a regular basis to ascertain whether all of the software loaded is legal. The audit is checked and reconciled with the Definitive Software Library and all unauthorised software is deleted. The source of the unauthorized software will be ascertained and disciplinary action may be taken. Page 9 of 10
10 19.11 Disaster Recovery The ICT Strategic Partner is responsible for regularly reviewing its ability to recover or re-supply the organisation, within the timeframe required, with all the business software that will be needed to effect recovery of the business in the event of a major disaster Disciplinary Procedures for Breach The standard Council disciplinary procedures will apply. Page 10 of 10
The Newcastle upon Tyne Hospitals NHS Foundation Trust. Software Asset Management Policy
The Newcastle upon Tyne Hospitals NHS Foundation Trust Version No.: 1.0 Effective From: 24 April 2014 Expiry Date: 24 April 2017 Date Ratified: 16 January 2014 Ratified By: INDIGO 1 Introduction Software
More informationUniversity of South Wales Software Policies
University of South Wales Software Policies Updated 23 rd January 2015 Page 1 University of South Wales - Software Policies The University s software policies are applicable to all software and datasets
More informationSoftware Policy. Software Policy. Policy and Guidance. June 2013
Software Policy Policy and Guidance June 2013 Project Name Software Policy Product Title Policy and Guidance Version Number 1.2Final Page 1 of 8 Document Control Organisation Title Author Filename Owner
More informationDate 23 November 2010. Version 02.02. Information Security & Strategy Group. Authorising Body. Chris Drake Julia Harris. Contact
Software Licensing Policies DQ Status Approved Policy DQ Content Authority Supplier Authoriser Contact(s) for Help Description Head of Information security, Julia Harris N/A Software Compliance Manager,
More informationInformation & ICT Security Policy Framework
Information & ICT Security Framework Version: 1.1 Date: September 2012 Unclassified Version Control Date Version Comments November 2011 1.0 First draft for comments to IT & Regulation Group and IMG January
More informationSOFTWARE ASSET MANAGEMENT GUIDELINES
Information Technology Services SOFTWARE ASSET MANAGEMENT GUIDELINES Date approved: 1 November 2005 Date Policy will take effect: 1 November 2005 Date of Next Review: December 2010 Approved by: Director,
More informationIMPLEMENTATION DETAILS
Policy: Title: Status: 1. Introduction ISP-I11 Software License Regulations Approved Information Security Policy Documentation IMPLEMENTATION DETAILS 1.1. The Software Management Policy (ISP-S13) makes
More informationVersion: 2.0. Effective From: 28/11/2014
Policy No: OP58 Version: 2.0 Name of Policy: Anti Virus Policy Effective From: 28/11/2014 Date Ratified 17/09/2014 Ratified Health Informatics Assurance Committee Review Date 01/09/2016 Sponsor Director
More informationSOFTWARE LICENSING POLICY
SOFTWARE LICENSING POLICY Version 12/12/2012 University of Birmingham 2012 David Deighton, IT Services CONTENTS 1. Policy on Software Licensing... 3 1.1 Software Licensing Compliance... 3 1.2 Software
More informationYMDDIRIEDOLAETH GIG CEREDIGION A CHANOLBARTH CYMRU CEREDIGION AND MID WALES NHS TRUST PC SECURITY POLICY
YMDDIRIEDOLAETH GIG CEREDIGION A CHANOLBARTH CYMRU CEREDIGION AND MID WALES NHS TRUST PC SECURITY POLICY Author Head of IT Equality impact Low Original Date September 2003 Equality No This Revision September
More informationTameside Metropolitan Borough Council ICT Security Policy for Schools. Adopted by:
Tameside Metropolitan Borough Council ICT Security Policy for Schools Adopted by: 1. Introduction 1.1. The purpose of the Policy is to protect the institution s information assets from all threats, whether
More informationCITY OF WAUKESHA HUMAN RESOURCES POLICY/PROCEDURE POLICY B-20 SOFTWARE USAGE AND STANDARDIZATION
CITY OF WAUKESHA HUMAN RESOURCES POLICY/PROCEDURE POLICY B-20 SOFTWARE USAGE AND STANDARDIZATION 1.0 Purpose and Scope of Policy It is the policy of the City of Waukesha (City) to respect all computer
More informationDublin City University
Asset Management Policy Asset Management Policy Contents Purpose... 1 Scope... 1 Physical Assets... 1 Software Assets... 1 Information Assets... 1 Policies and management... 2 Asset Life Cycle... 2 Asset
More informationUTC Cambridge ICT Policy
UTC Cambridge ICT Policy Lead member of SLT: Designated Governor: Staff Member: Principal TBC Lead IT & Telecommunication Technician Contents Introduction Scope Purpose Monitoring of college systems Prohibitions
More informationEMMANUEL CE VA MIDDLE SCHOOL. IT Security Standards
EMMANUEL CE VA MIDDLE SCHOOL IT Security Standards 1. Policy Statement The work of Schools and the County Council is increasingly reliant upon Information & Communication Technology (ICT) and the data
More informationCollege of Public Health Information Technology Policies and Procedures
Effective Date: March 01, 2013 Revised Date: May 21, 2014 Section Table of Contents I. Organization and Purpose II. Authority III. Scope IV. Definitions V. Policy and Procedure VI. Responsibilities VII.
More informationCOVER SHEET OF POLICY DOCUMENT Code Number Policy Document Name
COVER SHEET OF POLICY DOCUMENT Code Number Policy Document Name Introduction Removable Media and Mobile Device Policy Removable media and mobile devices are increasingly used to enable information access
More informationGrasmere Primary School Asset Management Policy
Grasmere Primary School Asset Management Policy 1. INTRODUCTION: 1.1.1 The Governing Body of Grasmere Primary School is responsible for the proper management and security of the school premises and the
More informationInformation Security Policy September 2009 Newman University IT Services. Information Security Policy
Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms
More informationICT SECURITY POLICY. Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation
ICT SECURITY POLICY Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation Responsibility Assistant Principal, Learner Services Jannette
More informationPhysical Security Policy
Physical Security Policy Author: Policy & Strategy Team Version: 0.8 Date: January 2008 Version 0.8 Page 1 of 7 Document Control Information Document ID Document title Sefton Council Physical Security
More informationMike Casey Director of IT
Network Security Developed in response to: Contributes to HCC Core Standard number: Type: Policy Register No: 09037 Status: Public IG Toolkit, Best Practice C7c Consulted With Post/Committee/Group Date
More informationICT Policy. Executive Summary. Date of ratification Executive Team Committee 22nd October 2013. Document Author(s) Collette McQueen
ICT Policy THCCGIT20 Version: 01 Executive Summary This document defines the Network Infrastructure and File Server Security Policy for Tower Hamlets Clinical Commissioning Group (CCG). The Network Infrastructure
More informationUniversity of Liverpool
University of Liverpool IT Asset Disposal Policy Reference Number Title CSD 015 IT Asset Disposal Policy Version Number v1.2 Document Status Document Classification Active Open Effective Date 22 May 2014
More informationDraft Information Technology Policy
Draft Information Technology Policy Version 3.0 Draft Date June 2014 Status Draft Approved By: Table of Contents 1.0 Introduction... 6 Background... 6 Purpose... 6 Scope... 6 Legal Framework... 6 2.0 Software
More informationINFORMATION SECURITY MANAGEMENT SYSTEM. Version 1c
INFORMATION SECURITY MANAGEMENT SYSTEM Version 1c Revised April 2011 CONTENTS Introduction... 5 1 Security Policy... 7 1.1 Information Security Policy... 7 1.2 Scope 2 Security Organisation... 8 2.1 Information
More informationHealth Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH)
Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) Table of Contents Introduction... 1 1. Administrative Safeguards...
More informationAppendix 1b. DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA. Review of Mobile Portable Devices Management
Appendix 1b DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA Review of Mobile Portable Devices Management DISTRIBUTION LIST Audit Team David Esling, Head of Audit and Assurance
More informationMobile Device Policy
Mobile Device Policy Purpose of this Document This document describes the policy for the management of mobile devices. This document will be reviewed every 12 months Author: Matt Mason Version: 1.1 Date:
More information4.0 ISSUANCE OF REGULATIONS/STANDARD OPERATING PROCEDURES
Policy: 13.09 SUBJECT: SOFTWARE USAGE Supersedes: 2001-2002 DPS Policy Manual, No. 10.10 Computer Hardware/Software and Office Equipment Use, dated July 14, 2000 Effective: February 15, 2005 Page: 1 of
More informationRotherham CCG Network Security Policy V2.0
Title: Rotherham CCG Network Security Policy V2.0 Reference No: Owner: Author: Andrew Clayton - Head of IT Robin Carlisle Deputy - Chief Officer D Stowe ICT Security Manager First Issued On: 17 th October
More informationNewcastle University Information Security Procedures Version 3
Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations
More informationPolicy Document. IT Infrastructure Security Policy
Policy Document IT Infrastructure Security Policy [23/08/2011] Page 1 of 10 Document Control Organisation Redditch Borough Council Title IT Infrastructure Security Policy Author Mark Hanwell Filename IT
More informationTECHNOLOGY ACCEPTABLE USE POLICY
Policy Statement TECHNOLOGY ACCEPTABLE USE POLICY Reason for Policy/Purpose The purpose of this policy is to provide guidelines to the acceptable and ethical behavior that guides use of information and
More informationUniversity of Hartford. Software Management and Compliance Guidelines
University of Hartford Software Management and Compliance Guidelines This policy is issued in an effort to remind the University community of the importance of complying with that policy and to reiterate
More informationBalancing and Settlement Code BSC PROCEDURE BSCP537. QUALIFICATION PROCESS FOR SVA PARTIES, SVA PARTY AGENTS AND CVA MOAs
Balancing and Settlement Code BSC PROCEDURE BSCP537 QUALIFICATION PROCESS FOR SVA PARTIES, SVA PARTY AGENTS AND CVA MOAs APPENDIX 3 GUIDANCE NOTES ON COMPLETING THE SAD Version 2.0 Date: 10 September 2007
More informationIslington ICT Physical Security of Information Policy A council-wide information technology policy. Version 0.7 June 2014
Islington ICT Physical Security of Information Policy A council-wide information technology policy Version 0.7 June 2014 Copyright Notification Copyright London Borough of Islington 2014 This document
More informationPolicy on the Security of Informational Assets
Policy on the Security of Informational Assets Policy on the Security of Informational Assets 1 1. Context Canam Group Inc. recognizes that it depends on a certain number of strategic information resources
More informationADMINISTRATION COMPUTER NETWORK
ADMINISTRATION COMPUTER NETWORK School Administrative Computer Network The Cumberland School operates a network of computers specifically for administrative purposes in the school. This network is electronically
More informationINFORMATION GOVERNANCE POLICY: PROTECTION AGAINST MALICIOUS SOFTWARE
INFORMATION GOVERNANCE POLICY: PROTECTION AGAINST MALICIOUS SOFTWARE Original Approved by: Policy and Procedure Ratification Sub-group on 23 October 2007 Version 2.1 Approved by: Information Governance
More informationIT06 - Information Technology (IT) Hardware and Software Policy
IT06 - Information Technology (IT) Hardware and Software Policy Introduction 1 This policy sets out the general rules for the use of Southampton Solent University IT hardware and software. Southampton
More informationNetwork Security Policy
IGMT/15/036 Network Security Policy Date Approved: 24/02/15 Approved by: HSB Date of review: 20/02/16 Policy Ref: TSM.POL-07-12-0100 Issue: 2 Division/Department: Nottinghamshire Health Informatics Service
More informationRecommendations. That the Cabinet approve the withdrawal of the existing policy and its replacement with the revised document.
Report to: Cabinet Date: 14 th October 2004. Report: of Head of Corporate Personnel Services Report Title: USE of INTERNET POLICY Summary of Report. The use of the Internet is growing rapidly. Over the
More informationMerthyr Tydfil County Borough Council. Information Security Policy
Merthyr Tydfil County Borough Council Information Security Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of
More informationInformation Security Incident Management Policy and Procedure
Information Security Incident Management Policy and Procedure Version Final 1.0 Document Control Organisation Title Author Filename Owner Subject Protective Marking North Dorset District Council IT Infrastructure
More informationCCG LAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY
CCG LAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY (for Cheshire CCGs) Version 3.2 Ratified By Date Ratified November 2014 Author(s) Responsible Committee / Officers Issue Date November 2014 Review
More informationECSA EuroCloud Star Audit Data Privacy Audit Guide
ECSA EuroCloud Star Audit Data Privacy Audit Guide Page 1 of 15 Table of contents Introduction... 3 ECSA Data Privacy Rules... 4 Governing Law... 6 Sub processing... 6 A. TOMs: Cloud Service... 7 TOMs:
More informationOFFICIAL. NCC Records Management and Disposal Policy
NCC Records Management and Disposal Policy Issue No: V1.0 Reference: NCC/IG4 Date of Origin: 12/11/2013 Date of this Issue: 14/01/2014 1 P a g e DOCUMENT TITLE NCC Records Management and Disposal Policy
More informationOHIO VALLEY EDUCATIONAL COOPERATIVE TECHNOLOGY ACCEPTABLE USE POLICY
OHIO VALLEY EDUCATIONAL COOPERATIVE TECHNOLOGY ACCEPTABLE USE POLICY 03.13211 Referenced by OVEC Policy Manual and OVEC Employee Handbook Version 2.0.0 2/12/2014 Section headings: 1. Introductory paragraph
More informationInformation Security
Information Security A staff guide to the University's Information Systems Security Policy Issued by the IT Security Group on behalf of the University. Information Systems Security Guidelines for Staff
More informationRHONDDA CYNON TAF COUNTY BOROUGH COUNCIL INFORMATION SECURITY INCIDENT MANAGEMENT POLICY Version 2.0.1
RHONDDA CYNON TAF COUNTY BOROUGH COUNCIL INFORMATION SECURITY INCIDENT MANAGEMENT POLICY Version 2.0.1 Revised and effective from 1st April 2012 Document Control Organisation Title Author Filename Owner
More informationInformation Security Policy
Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Alan Lawrie ehealth Strategy Group Implementation Date: September
More informationInformation Security Code of Conduct
Information Security Code of Conduct IT s up to us >Passwords > Anti-Virus > Security Locks >Email & Internet >Software >Aon Information >Data Protection >ID Badges > Contents Aon Information Security
More informationUniversity of Sunderland Business Assurance Information Security Policy
University of Sunderland Business Assurance Information Security Policy Document Classification: Public Policy Reference Central Register Policy Reference Faculty / Service IG 003 Policy Owner Assistant
More informationSTANDARD POLICY FOR TELEPHONE MANAGEMENT AND RECOVERY OF PRIVATE CALL COSTS
STANDARD POLICY FOR TELEPHONE MANAGEMENT AND RECOVERY OF PRIVATE CALL COSTS CONTENTS 1. Introduction 2. Scope 3. Purpose 4. References 5. Definitions 6. Responsibility Clause 7. Method and Ground Rules
More informationInformation Security Policy. Information Security Policy. Working Together. May 2012. Borders College 19/10/12. Uncontrolled Copy
Working Together Information Security Policy Information Security Policy May 2012 Borders College 19/10/12 1 Working Together Information Security Policy 1. Introduction Borders College recognises that
More informationIT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs)
IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs) Version 3.2 Ratified By Date Ratified November 2014 Author(s) Responsible Committee / Officers Issue Date November 2014 Review Date
More informationIT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY
IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 3.0 Ratified By Date Ratified April 2013 Author(s) Responsible Committee / Officers Issue Date January 2014 Review Date Intended Audience Impact
More informationAuthorised Acceptable Use Policy 2015-2016. Groby Community College Achieving Excellence Together
Groby Community College Achieving Excellence Together Authorised Acceptable Use Policy 2015-2016 Reviewed: Lee Shellard, ICT Manager: May 2015 Agreed: Leadership & Management Committee: May 2015 Next review:
More informationPrivacy and Cloud Computing for Australian Government Agencies
Privacy and Cloud Computing for Australian Government Agencies Better Practice Guide February 2013 Version 1.1 Introduction Despite common perceptions, cloud computing has the potential to enhance privacy
More informationUniversity of Liverpool
University of Liverpool Information Security Policy Reference Number Title CSD-003 Information Security Policy Version Number 3.0 Document Status Document Classification Active Open Effective Date 01 October
More informationSUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This
More informationCorporate ICT Asset Management
Policy Corporate ICT Asset Management Please note this policy is mandatory and staff are required to adhere to the content Summary A comprehensive program to monitor the location, use and value of all
More informationIT Data Security Policy
IT Data Security Policy Contents 1. Purpose...2 2. Scope...2 3. Policy...2 Access to the University computer network... 3 Security of computer network... 3 Data backup... 3 Secure destruction of data...
More informationMCDONOUGH COUNTY, ILLINOIS MANAGEMENT LETTER. For the Year Ended November 30, 2014
MCDONOUGH COUNTY, ILLINOIS MANAGEMENT LETTER For the Year Ended November 30, 2014 July 23, 2015 To the Members of the County Board, the Circuit Clerk and Management McDonough County, Illinois One Courthouse
More informationHeather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com
Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com HIPAA Privacy Rule Sets standards for confidentiality and privacy of individually
More informationMobile Devices Policy
Mobile Devices Policy Item Policy description Division Director Contact Description Guidelines to ensure that mobile devices are deployed and used in a secure and appropriate manner. IT Services and Records
More information8.03 Health Insurance Portability and Accountability Act (HIPAA)
Human Resource/Miscellaneous Page 1 of 5 8.03 Health Insurance Portability and Accountability Act (HIPAA) Policy: It is the policy of Licking/Knox Goodwill Industries, Inc., to maintain the privacy of
More informationAcceptable Use Guidelines
Attachment to the Computer and Information Security and Information Management Policies Acceptable Use Guidelines NZQA Quality Management System Supporting Document Purpose These Acceptable Use Guidelines
More informationMicrosoft Windows Client Security Policy. Version 2.1 POL 033
Microsoft Windows Client Security Policy Version 2.1 POL 033 Ownership Policy Owner: Information Security Manager Revision History Next Review Date: 2 nd April 2015 Approvals This document requires the
More informationData Protection Policy
Data Protection Policy Document Ref: DPA20100608-001 Version: 1.3 Classification: UNCLASSIFIED (IL 0) Status: ISSUED Prepared By: Ian Mason Effective From: 4 th January 2011 Contact: Governance Team ICT
More informationInformation & Communications Technology Usage Policy Olive AP Academy - Thurrock
Information & Communications Technology Usage Policy Olive AP Academy - Thurrock Version Control Sheet Title: Purpose: Owner: Information Communications Technology Policy To advise staff of the procedures
More informationICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY
ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 1.0 Ratified By Date Ratified Author(s) Responsible Committee / Officers Issue Date Review Date Intended Audience Impact Assessed CCG Committee
More informationNew Jersey City University Information Technology Equipment Policies & Procedures Page 1 of 5
Page 1 of 5 TABLE OF CONTENTS Page No. INTRODUCTION... 3 PURPOSE... 3 SCOPE... 3 POLICY... 3 INFORMATION TECHNOLOGY EQUIPMENT... 3 INVENTORY... 4 EQUIPMENT RECEIVED BY ITS DEPARTMENT... 4 EQUIPMENT RECEIVED
More information2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy
Version History Author Approved Committee Version Status date Eddie Jefferson 09/15/2009 Full Governing 1.0 Final Version Body Eddie Jefferson 18/08/2012 Full Governing Body 2.0 Emended due to the change
More information2.2 Access to ICT resources at the Belfast Metropolitan College is a privilege, not a right, and all users must act honestly and responsibly.
1 Purpose The purpose of this document is to set out the College's policy and provide guidance relating to the responsible use of the College's ICT resources and systems. 2 General 2.1 Belfast Metropolitan
More informationSupplement to Gaming Machine Technical Standards Consultation
Supplement to Gaming Machine Technical Standards Consultation Downloadable, Wireless and Cashless Gaming Machine Systems Consultation paper, September 2006 Introduction 1. This paper is a supplement to
More informationNetwork Security Policy
Department / Service: IM&T Originator: Ian McGregor Deputy Director of ICT Accountable Director: Jonathan Rex Interim Director of ICT Approved by: County and Organisation IG Steering Groups and their relevant
More informationPolicy Document. Communications and Operation Management Policy
Policy Document Communications and Operation Management Policy [23/08/2011] Page 1 of 11 Document Control Organisation Redditch Borough Council Title Communications and Operation Management Policy Author
More informationUniversity of Brighton School and Departmental Information Security Policy
University of Brighton School and Departmental Information Security Policy This Policy establishes and states the minimum standards expected. These policies define The University of Brighton business objectives
More informationAcceptable Use of Information Systems Policy
Information Governance & Management Framework Acceptable Use of Information Systems Policy Version 1.3 Produced by: Customer Services & Business Transformation Inverclyde Council Municipal Buildings GREENOCK
More informationInformation Security Policy
Information Security Policy The purpose of this Policy is to describe the procedures and processes in place to ensure the secure and safe use of the federation s network and its resources and to protect
More informationWorking Together Aiming High!
Poplar Street Primary School ICT Security and Acceptable Use Policy E-Safety policy 2013/14 Working Together Aiming High! 1 Contents 1. Introduction... 3 2. Policy Objectives... 3 3. Application... 3 4.
More informationSOAS Controlled Procedure CP-PP06 IT Asset Management Procedure
SOAS Controlled Procedure CP-PP06 IT Asset Management Procedure Page 1 of 6 Martin Whiteside Version 1.1 March 2015 CP-PP06 IT Asset Management Procedure 1 Document Overview This document provides the
More informationInformation Resources Security Guidelines
Information Resources Security Guidelines 1. General These guidelines, under the authority of South Texas College Policy #4712- Information Resources Security, set forth the framework for a comprehensive
More informationHow To Protect Decd Information From Harm
Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the
More informationInternet Acceptable Use Policy A council-wide information management policy. Version 1.5 June 2014
Internet Acceptable Use Policy A council-wide information management policy Version 1.5 June 2014 Copyright Notification Copyright London Borough of Islington 20134This document is distributed under the
More informationAberdeen City Council IT Asset Management
Aberdeen City Council IT Asset Management Internal Audit Report 2014/2015 for Aberdeen City Council January 2015 Terms or reference agreed 4 weeks prior to fieldwork Target Dates per agreed Actual Dates
More informationIBM Tivoli Asset Management for IT
Cost-effectively manage the entire life cycle of your IT assets IBM Highlights Help control the costs of IT assets with a single product installation that tracks and manages hardware, software and related
More informationWest Highland College. Internal Audit 2014/15 Annual Report August 2015
Internal Audit 2014/15 Annual Report August 2015 TABLE OF CONTENTS Section Page 1. Introduction 3 2. Executive Summary 4 5 3. Audit Findings 6 11 4. Benchmarking 12 5. Key Performance Indicators 13 Appendices
More informationHow To Protect A Hampden County Hmis From Being Hacked
Hampden County HMIS Springfield Office of Housing SECURITY PLAN Security Officers The Springfield Office of Housing has designated an HMIS Security Officer whose duties include: Review of the Security
More informationACCEPTABLE IT AND COMPUTER USE POLICY GUIDE FOR STAFF
ACCEPTABLE IT AND COMPUTER USE POLICY GUIDE FOR STAFF The African Academy of Sciences (AAS) Postal Address: P.O. Box 24916 00502, Nairobi, KENYA Physical Address: 8 Miotoni Lane, Karen, Nairobi Tel: +
More informationVersion 1.0. Ratified By
ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 1.0 Ratified By Date Ratified 5 th March 2013 Author(s) Responsible Committee / Officers Issue Date 5 th March 2013 Review Date Intended Audience
More informationInformation Management Policy
Title Information Management Policy Document ID Director Mark Reynolds Status FINAL Owner Neil McCrirrick Version 1.0 Author Deborah Raven Version Date 26 January 2011 Information Management Policy Crown
More informationHIPAA Security COMPLIANCE Checklist For Employers
Compliance HIPAA Security COMPLIANCE Checklist For Employers All of the following steps must be completed by April 20, 2006 (April 14, 2005 for Large Health Plans) Broadly speaking, there are three major
More informationArgyll and Bute Council
Argyll and Bute Council 3 June 2009 Contents Page 1 Executive Summary 1 Appendices A B Action plan Progress in implementation of prior year recommendations 1 1 Executive Summary 1.1 Introduction The Council's
More informationInformation Management and Security Policy
Unclassified Policy BG-Policy-03 Contents 1.0 BG Group Policy 3 2.0 Policy rationale 3 3.0 Applicability 3 4.0 Policy implementation 4 Document and version control Version Author Issue date Revision detail
More informationAcceptable Use of Information Systems Standard. Guidance for all staff
Acceptable Use of Information Systems Standard Guidance for all staff 2 Equipment security and passwords You are responsible for the security of the equipment allocated to, or used by you, and must not
More informationInformation Security Incident Management Policy
Information Security Incident Management Policy Version: 1.1 Date: September 2012 Unclassified Version Control Date Version Comments November 2011 1.0 First draft for comments to IT Policy & Regulation
More informationData Security Policy
Policy Number: Revision Number: 0 QP1.44 Date of issue: March 2009 Status: Approved Date of approval: April 2009 Responsibility for policy: Responsibility for implementation: Responsibility for review:
More information