IT Policies?

Documents on group policy, diseaster recovery, etc. If your a new administrator starting work at a company, what papers would you need to do your work properly?

KG

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

RTmarc

Personally, I'd rather see a network configuration including important IP addresses, a list of servers and their roles, and the demands from the IT department.

sprkymrk

Lots of good information here, see if this is what you're looking for:

http://www.sans.org/resources/policies/?ref=3731

garv221

RTmarc wrote:

Personally, I'd rather see a network configuration including important IP addresses, a list of servers and their roles, and the demands from the IT department.

That is a must. I like to see policies for everything..How users summit requests for IT issues, how my staff's time is billed and managed, budget, everything needs a policy so people can be held accountable . Your basic rules for playing the game

sprkymrk

garv221 wrote:

RTmarc wrote:

Personally, I'd rather see a network configuration including important IP addresses, a list of servers and their roles, and the demands from the IT department.

That is a must. I like to see policies for everything..How users summit requests for IT issues, how my staff's time is billed and managed, budget, everything needs a policy so people can be held accountable .

Dang Garv, you sound like a full fledged manager. Do you have pointy hair?

Just messing with you. As long as the policies help with management and do not overly hinder "getting it done" or set up unnecessary roadblocks I agree with you. The problem comes in when IT management use policies as a means of increasing their "power" over the rest of the company.

garv221

sprkymrk wrote:

The problem comes in when IT management use policies as a means of increasing their "power" over the rest of the company.

Very true & when those policies begin cover up passwords and information.

KGhaleon

So reviving this, do policies define the responsibilities of both staff and customer? (stating what we're responsible for, not responsible for, etc).

and are SOPs(standard operating procedures) different?

bighornsheep

KGhaleon wrote:

and are SOPs(standard operating procedures) different?

I've always viewed SOP as more of an external thing where as policy to be an internal thing. When a consultant comes in to work on a project, they're not going to be willing to sit down and read several dozen policy documents, they just want to know how things are done.

And I'd like to just pitch in my experience with IT departmental policies, too often exceptions are made and to make matters even worse, people assume and make a rule out of those exceptions...the resultant policy? anything goes.