The terms "policy" and "procedure" are so frequently uttered in the same breath that few understand the difference between the two. In fact, they serve distinct purposes and carry different standards by which their success is measured.

• This step contains the core "Policy and Procedure Development Guide." This guide describes the key differences between policies and procedures, as well as offers best practices information on their characteristics when presented in a written format.

Even if written policies and procedures do exist, they may be fragmented, out of date, or so underused they are difficult to locate. Tracking down what you have creates a baseline for future policy and procedure development work.

• Start by filling out the "Policy/Procedure Inventory Tool" to begin your high-level documentation of what’s already in place. Also use the "Information Technology Standards and Guidelines Tool" to document standard IT products and tools to inform your policy and procedure-setting activities.

With all stakeholders identified, now you can begin the process of documenting the necessary components of the policy or procedure in detail.

• Use the "Stakeholders’ Requirements Interview Template" as either an interview guide or distributable questionnaire. The responses provided by stakeholders will give you an invaluable first-hand perspective of how a policy or procedure will (or should) play out in real life.
• The "Policy/Procedure Requirements Document" template is provided for you to summarize stakeholder requirements and serve as a basis for actual policy or procedure development.

Good policies and procedures employ a concise and pragmatic style that is not always easy to emulate. If you’re not a gifted writer, working with a standardized structure will ensure that your thoughts are well organized and that you remain consistent from document to document.

• This step offers some fundamental templates to aid in the drafting process, including a "Policy Template" and a "Procedure Template." If you wish to compile a complete manual, then use the "IT Department Policy and Procedure Manual" template.

The terms "policy" and "procedure" are so frequently uttered in the same breath that few understand the difference between the two. In fact, they serve distinct purposes and carry different standards by which their success is measured.

• This step contains the core "Policy and Procedure Development Guide." This guide describes the key differences between policies and procedures, as well as offers best practices information on their characteristics when presented in a written format.

Even if written policies and procedures do exist, they may be fragmented, out of date, or so underused they are difficult to locate. Tracking down what you have creates a baseline for future policy and procedure development work.

• Start by filling out the "Policy/Procedure Inventory Tool" to begin your high-level documentation of what’s already in place. Also use the "Information Technology Standards and Guidelines Tool" to document standard IT products and tools to inform your policy and procedure-setting activities.

Once a baseline of what you have is in place, then you can start the analytical process of identifying what you don’t have or what requires significant amendment.

• To complete this step, use the "Policy Needs/Gap Assessment Tool." This tool includes a large sampling of enterprise policies to aid in needs assessment, plus a method for prioritizing policy and procedure development work.

Like any project, developing policies and procedures involves stakeholders throughout the enterprise. However, many policies affect a much broader swath of individuals than the outputs of a typical IT project.

• Use the "Policy/Procedure Stakeholder List" to identify all individuals and groups who will be affected by the implementation of the policy or procedure or involved in its creation. From this larger group, apply the "Policy/Procedure Work Team Selection Tool" to extract a core set of individuals who will serve as dedicated development work team members.

With all stakeholders identified, now you can begin the process of documenting the necessary components of the policy or procedure in detail.

• Use the "Stakeholders’ Requirements Interview Template" as either an interview guide or distributable questionnaire. The responses provided by stakeholders will give you an invaluable first-hand perspective of how a policy or procedure will (or should) play out in real life.
• The "Policy/Procedure Requirements Document" template is provided for you to summarize stakeholder requirements and serve as a basis for actual policy or procedure development.

Every change has ramifications on people, technologies, and processes. Understanding the effect a change in policy or procedure will have on these components is an essential step in proactive risk mitigation as well as ensuring a successful rollout.

• The "Policy/Procedure Change Impact Assessment" will help you analyze the pressures that a change in policy or procedure will exert and their degree of severity. Follow the recommendations provided to manage the change effectively and efficiently.

Good policies and procedures employ a concise and pragmatic style that is not always easy to emulate. If you’re not a gifted writer, working with a standardized structure will ensure that your thoughts are well organized and that you remain consistent from document to document.

• This step offers some fundamental templates to aid in the drafting process, including a "Policy Template" and a "Procedure Template." If you wish to compile a complete manual, then use the "IT Department Policy and Procedure Manual" template.