• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • HomePage
  • About
  • Syllabus
  • Schedule
    • First Half of Semester
      • Week 1: IT Governance
      • Week 2: IT’s Role and the Control Environment
      • Week 3: Business / IT Alignment
      • Week 4: Enterprise Architecture and IT Strategy
      • Week 5: Project Portfolio Management
      • Week 6: Monitoring & Evaluating IT
      • Week 7: Policy
    • Second Half of Semeter
      • Week 8: IT Services and Quality
      • Week 9: IT Outsourcing
      • Week 10: Cloud Computing
      • Week 11: IT Risk
      • Week 12: IT Security
      • Week 13: Disaster Recovery & Business Continuity
  • Assignments
    • Project #1
      • P Sample 1
      • P Sample 2
    • Project #2
      • AP Sample 1
      • AP Sample 2
  • Webex Session
  • Harvard Readings

MIS 5202 IT Governance

Temple University

Week 07: Policy Documents & Video

Group 1 (Lezlie Jiles Brandan Mackowsky Patrick Destafano Michelangelo Collura)

October 12, 2017 by Michelangelo C. Collura 7 Comments

Please excuse the delay. I posted it as a comment on another page and not a unique blog entry. To confirm, here’s the link.

Policy Document

Policy Video

https://www.powtoon.com/online-presentation/dj1UMvQxS9a/mis-5202/

Week 7 Wrap-up: Policy

October 12, 2017 by Richard Flanagan Leave a Comment

Up until now we have been talking mainly about doing the “Right Things”.  Policies is our first topic focused on “Done Right”.  The basic idea of policies is that they simplify decision making and encourage consistant orginzational behavior.  The idea works something like this:

  1. Senior management desires the organization to follow a certain objective behavior.  This may be because its required by the law or because its something they choose to do voluntarily.
  2. It is impossible, or impractical, for senior management to make all the decisions that are necessary to achieve this objective.
  3. Instead, management approves a policy that describes its objective and how they expect the organization to make related decisions and behave in a  compliant manner.  The policy may also set up a structure or role to which it delegates additional policy making responsibility in relation to this objective.
  4. The larger the organization, and the more complex the behavior associated with the objective, the more likely it is that there will be several related policies organized under an overview policy.
  5. At the end of the day, an employee facing a decision on how to behave in a certain situation should be able to look at the policy and decide for him or herself what to do.

Once available, a policy is apt to generate any number of standards, guidelines and procedures that are intended to help realize the objective.  These can all be thought of as controls.  Thus, a security policy may say that employees will have unique userids (with least priviledged access)  and are accountable for how their userids are used.  This generates any number of controls from how userids are provisioned, who needs to approve a new role,  what tasks are not permitted in the same role, what passwords are acceptable, how often they need to be changed, etc.  These controls are then audited to see if the organization’s controls, if followed,  will enable the objective to be meet (sufficiency) and how well each control works (effectiveness).

 

Rich

ITACS Credit Union – Michael Gibbons, Paul Needle, Tamekia Pitter, and Bilaal Williams

October 11, 2017 by Tamekia P. 8 Comments

ITACS Credit Union Social Security Number Policy

ITACS Credit Union Social Security Policy Video

Temple 5202 Real Estate Inc. (Anthony Quitugua, Jonathan Duani, Heiang Y Cheung, Donald Hoxhaj)

October 11, 2017 by Donald Hoxhaj 7 Comments

Group 2 – (SSNs) Policy Project

http://community.mis.temple.edu/mis5202online2017/files/2017/10/Group-2-SSNs-Policy-Project-Video.mp4

AccuExchange (Vince Kelly, Jason Mays, Duy Nguyen, Pascal Allison)

October 11, 2017 by Duy Nguyen 7 Comments

https://tustudents.webex.com/tustudents/ldr.php?RCID=86b07ddaa44248466a2f619ec814dd12

 

AccuExchange USB Use Policy

 

Presentation-AccuExchange II

 

 

Week 7: The Policy Project

October 5, 2017 by Richard Flanagan 2 Comments

Readings

There will be no reading questions this week.

Policy Project

Work with your team and pick one of the security topics listed below that interests you.  Use the readings as a guide to write a comprehensive policy statement for the topic..  They are usually on the order of 3-5 pages.  Then, prepare a 5 minute or less presentation (Thu’s section)/video(Rich’s section) that introduces your new policy to the employees of your hypothetical company.

The possible topics are:

  • Data Destruction Policy
  • Social Security Number Policy
  • Remote Access Policy
  • Electronic Document Retention Policy
  • Memory Drive Usage Policy

As a help to understanding what we want, here is a link to a acceptable use policy submitted in a previous semester.  You should not copy the format exactly, but think about what’s covered, the level of detail, references, etc.

http://community.mis.temple.edu/mis5202online2016/files/2015/10/Initech_Acceptable_Use_Policy.pdf

Primary Sidebar

Weekly Discussions

  • Class Administration (10)
  • Week 01: IT Governance (3)
  • Week 02: IT's Role & the Control Environment (5)
  • Week 03: IT Administrative Controls (3)
  • Week 04: Enterprise Architecture (3)
  • Week 05:IT Strategy (3)
  • Week 06: Project Portfolio Management (2)
  • Week 07: Policy Documents & Video (6)
  • Week 08: IT Services & Quality (2)
  • Week 09: IT Outsourcing & Cloud Computing (2)
  • Week 10: Monitoring & Evaluating IT (2)
  • Week 11: IT Risk (2)
  • Week 12: IT Security (3)
  • Week 13: Disaster Recovery & Business Continuity (1)
  • Week 14: Regulations, Standards, and Maturity Models (4)

Copyright © 2025 · Magazine Pro Theme on Genesis Framework · WordPress · Log in