Topic 5 - AQA INFO3 ICT

ICT policies

HideShow resource information

Security policy

  • Security policy is needed to protect the data that an organisation stores. If this is not done, it could result in financial costs, legal issues and loss of reputation.
  • The prevention of misuse should be considered and methods to prevent this include physical security and system access controls.
  • It is essential that the organisation is proactive in attempting to detect misuse of their system. The use of audit trail software can be used. 
  • When misuse has been detected, a full investigation should be carried out. 
  • Company procedures should include: physical security, system access, human resources issues, operational procedures, staff responsibility and sanctions. 
  • A security policy can only work if employees are aware of it and how it affects them. Employees can be made alert to security issues by: training, communication and legal obligations. 
  • A new business could purchase and adapt a pre-written security policy. 
1 of 3

Training policy

  • Organisations should consider the suitability of training by developing a corporate training policy which should be based on the following:
  • Skill requirements - the organisation has to identify the skills required for each role and level within a company. 
  • Course structure & availability - it is possible to organise attendance for employees at external training courses.
  • Financial issues - a training policy will be linked to a training budget. The cost of an individual training course needs to be considered. 
  • Cost benefit - staff training is a necessary investment for an organisation. 
2 of 3

Procurement policy

  • Hardware - including the procurement of servers, laptops. Various methods of procurement should be considered such as leading or purchasing. Key factors include a suitable delivery date and negotiated payment terms. 
  • Networking & communication technology  - including hubs, switches. It is important to ensure that equipment is compatible and at the right price.
  • Staff services & contract labour - contract labour can be used for large projects or expertise in certain fields. 
  • Software - systems software is usually bought off-the-shelf due to the standard nature of the product. Generic application software such as office software is also bought off-the-shelf. 
  • Office supplies & consumables - it is likely that the organisation will have an account with the supplier that can promise next day delivery. 
  • ICT procurement consultants - many large projects that operate on a long time scale will have to make sure budgets are complied with. Organisations may employ specialist consultants to maximise their purchasing efficiency. 
  • Disposal of equipment - many new companies have started up that can dispose equipment in line with current legislation.
3 of 3


No comments have yet been made

Similar ICT resources:

See all ICT resources »