Masonry Magazine April 1993 Page. 34
Article 1
This article discusses general provisions.
Article 2
This article covers the purpose. The purpose is to establish policies and procedures for the management and control of information technology resources within the organization.
Article 3
This article defines scope. The scope encompasses all information technology resources owned, leased, or operated by the organization, including hardware, software, data, and networks.
Article 4
This article outlines authority. The Chief Information Officer (CIO) has the authority to implement and enforce these policies and procedures.
Article 5
This article details responsibilities. Department heads are responsible for ensuring that their staff comply with these policies and procedures. IT staff are responsible for implementing and maintaining the organization's information technology infrastructure.
Article 6
This article concerns definitions.
* **Information Technology Resources:** All hardware, software, data, and networks used to process, store, and transmit information.
* **Data:** Facts, figures, and other information used as a basis for reasoning, discussion, or calculation.
* **Network:** A group of two or more computer systems linked together.
Article 7
This article addresses policy statements. All information technology resources must be used in a manner that is consistent with the organization's mission and values. All data must be protected from unauthorized access, use, disclosure, disruption, modification, or destruction. All networks must be secured against unauthorized access and use.
Article 8
This article covers procedures. Procedures for managing and controlling information technology resources will be documented and maintained by the IT department. These procedures will be reviewed and updated on a regular basis.
Article 9
This article discusses enforcement. Violations of these policies and procedures may result in disciplinary action, up to and including termination of employment.