We help IT Professionals succeed at work.

Local IT policy


I have been approached by our Financial Controller to come up with our own  Local IT policy version. This is the first time I'll be working on such as request. My question is from A to Z, what do you normally include in  a Local IT policy.

Appreciate if you can provide some detailed examples.

many thanks
Watch Question

You are welcome to use any part or all of my security policy (which is part of our IT Policy):


Note that this policy is aimed exclusively at windows based computers.
That's sort of like someone walking up to the senate and asking them to make an IT law. :) IT policies can be made on anything from service delivery, service management and information security to acceptable use and anything in between, what is it that they want really? A "local" policy sounds like you already have a "global" IT policy, what's included in that? Typically a local policy would expand and go into more detail in the same subjects that the global policy specifies. Who is this local IT policy for, as in who is its target audience and what is its purpose? Who will it affect and what is it trying to accomplish?


thanks to those who posted those links above there are quite helpful. Also, you have a sample  of IT policy tol help me to kick start my IT policy project, that would be great if you can post it here?

Hey CoccoBill, you made some interesting comments. Basically, the IT policy is tailor made to suit our local needs hence it covers everyone in the company locally. The policy will cover some but not limited to  the following

Internet Usage policy
E-mail Usage policy
Password policy
Instant Messaging Policy
Software Installation Policy

Just don't know where to begin!!!
I found this policy resource to be quite helpful (and free) http://www.sans.org/security-resources/policies/   Refer in particular to the acceptable use policy templates.