Solved

Policy Management

Posted on 2011-03-09
2
402 Views
Last Modified: 2012-05-11
What is the problem with having departmental policies as opposed to corporate policies? I am on about any information management or information security policy - any IT related policy to be honest, but specifically stuff like information classification, data retention, records management, media sanitization etc etc. Where is the issue in each department having their own responsibilities to have such policy and procedures in place as opposed to corporate policies that mandate what each organisational department will do? I know it should be corporately dictated as opposed to departmentally but I am struggling to find some good justified reasons why – despite searching. Would prefer your comments as opposed to links.
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 27

Accepted Solution

by:
michko earned 250 total points
ID: 35085100
Imho, one main reason for corporate policies over departmental policies.  Consistency - across the board.

Organizations run easier if rules and guidelines are similar across the various departments.  It eliminates (or reduces) confusion and misunderstandings.  It also allows for easier transfer/temp placement of personnel.

Granted, some departments will have special requirements that may be more stringent than those required by the company as a whole - take those on a one by one basis.

For example - IT purchase policy.  You want to try to standardize on one model/type of hardware with a standard software configuration.   This makes supporting those desktops a lot easier.  If you let individual departments determine what to purchase, then your support becomes much more difficult.

I work for a municipality, but the idea can be extended to the corporate world.  Let's say we let our Police and Fire departments each purchase hardware/software on their own.  What happens if they don't coordinate with each other?  Or agree with the best route to take?  Next thing you know, we are trying to support two completely separate systems that are supposed to communicate with each other - and most likely don't.  

However, I also need to be flexible enough to realize not every department is going to fit a standard mold.  The workstations needed for our Marketing department, who frequently create publications, flyers, work with large image files, etc., are completely different from those needed for most of our other employees in Finance, HR, etc.  So, set the generic configuration across the board at the typical user level - then beef up the machines for those positions that require something more.

The same idea goes for records retention, etc.  Set the policy at the corporate level, and the exceptions at the department level.  It really does make things much easier, rather than having 15 separate departments all going their own way without any common thread.

Hope that helps.

0
 
LVL 3

Author Comment

by:pma111
ID: 35085632
Great advice, thank you its much appreciated
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Email attacks are the most common methods for initiating ransomware and phishing scams. Attackers want you to open an infected attachment or click a malicious link, and unwittingly download malware to your machine. Here are 7 ways you can stay safe.
Here's a look at newsworthy articles and community happenings during the last month.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses
Course of the Month11 days, 10 hours left to enroll

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question