Take the Pain out of IT Policies

Use a proactive, purpose-driven approach to write and implement policies that enable organizational success.

Onsite Workshop

Ineffective policy management can lead to the following challenges:

  • IT policies are written reactively and are too narrowly scoped to address business risks.
  • IT policies are not well understood or enforced by the business.
  • Policies are difficult to locate and often provide contradictory prescriptions for behavior.
  • Policy management challenges take up too much of your time and focus.

Better policy management will help you:

  • Fully mitigate critical IT risks.
  • Simplify your IT policy network.
  • Standardize employee problem-solving process and behavior.
  • Improve policy adherence, employee engagement, and risk awareness.

Module 1: Establish & Assess

The Purpose

  • Identify the pain points associated with IT policies.
  • Establish the policy development process.
  • Begin formulating a plan to re-design the policy network.

Key Benefits Achieved

  • Establish the policy process.
  • Highlight key issues and pain points regarding policy.
  • Assign roles and responsibilities.

Activities: Outputs:
1.1 Introduce workshop.
1.2 Identify the current pain points with policy management.
  • List of issues and pain points for policy management
1.3 Establish high-level goals around policy management.
  • Set of six to ten goals for policy management
1.4 Select metrics to measure achievement of goals.
  • Baseline and target measured value
1.5 Create an IT policy working group (ITPWG).
  • Amended steering committee or ITPWG charter
1.6 Define the scope and purpose of the ITPWG.
  • Completed RACI chart
  • Documented policy development process

Module 2: Assess Your Risk Landscape & Map Policies to Risks; Create a Policy Action Plan

The Purpose

  • Identify key risks.
  • Develop an understanding of which risks are most critical.
  • Design a policy network that best mitigates those risks.

Key Benefits Achieved

  • Use a risk-driven approach to decide which policies need to be written or updated first.

Activities: Outputs:
2.1 Identify risks at a high level.
  • Ranked list of IT’s risk scenarios
2.2 Assess each identified risk scenario on impact and likelihood.
  • Prioritized list of IT risks (simplified risk register)
2.3 Map current and required policies to risks.
2.4 Assess policy effectiveness.
2.5 Create a policy action plan.
  • Policy action plan
2.6 Select policies to be developed during workshop.

Module 3: Develop Policies

The Purpose

Outline what key features make a policy effective and write policies that mitigate the most critical IT risks.

Key Benefits Achieved

Write policies that work and get them approved.

Activities: Outputs:
3.1 Define the policy audience, constraints, and in-scope and out-of-scope requirements for a policy.
3.2 Draft two to four policies
  • Drafted policies

Module 4: Create a Policy Communication and Implementation Plan and Monitor & Reassess the Portfolio

The Purpose

Build an understanding of how well the organization’s value creation activities are being supported.

Key Benefits Achieved

Identify an area or capability that requires improvement.

Activities: Outputs:
4.1 Review draft policies and update if necessary.
  • Final draft policies
4.2 Create a policy communication plan.
  • Policy communications plan
4.3 Select KPIs.
  • KPI tracking log
4.4 Review root-cause analysis techniques.

Workshop icon Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

Book a Workshop View Blueprint
GET HELP Contact Us
×
VL Methodology