Scribd Logo
Upload

Welcome to Scribd!

  • ICT Policies & Procedure 2017 Ver 1.0

    Uploaded by

    Shihera Maurice
    14 views5 pages
    This document contains the Directorate of Information Communications Technology (ICT) policies and standards for Kisii County Government from October 2017. It includes 15 ICT policies covering areas such as asset management, backup, cloud computing services, data center access, disaster recovery, email use, ICT training, general ICT use, internet use, passwords, social media, server security, software development, technical assistance requests, and virtualization. It also includes 10 ICT standards on topics such as acceptable use of ICT facilities, electronic records management, information asset classification and control, information systems security management, data backup, ICT audit, ICT project management, systems development, and E-waste management. The document provides the framework to

    Original Description:

    ict

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document contains the Directorate of Information Communications Technology (ICT) policies and standards for Kisii County Government from October 2017. It includes 15 ICT policies covering areas such as asset management, backup, cloud computing services, data center access, disaster recovery, email use, ICT training, general ICT use, internet use, passwords, social media, server security, software development, technical assistance requests, and virtualization. It also includes 10 ICT standards on topics such as acceptable use of ICT facilities, electronic records management, information asset classification and control, information systems security management, data backup, ICT audit, ICT project management, systems development, and E-waste management. The document provides the framework to

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    14 views5 pages

    ICT Policies & Procedure 2017 Ver 1.0

    Uploaded by

    Shihera Maurice
    This document contains the Directorate of Information Communications Technology (ICT) policies and standards for Kisii County Government from October 2017. It includes 15 ICT policies covering areas such as asset management, backup, cloud computing services, data center access, disaster recovery, email use, ICT training, general ICT use, internet use, passwords, social media, server security, software development, technical assistance requests, and virtualization. It also includes 10 ICT standards on topics such as acceptable use of ICT facilities, electronic records management, information asset classification and control, information systems security management, data backup, ICT audit, ICT project management, systems development, and E-waste management. The document provides the framework to

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    DIRECTORATE OF INFORMATION COMMUNICATIONS

    TECHNOLOGY (ICT)

    OCTOBER 2017 – FINAL COPY

    Tel: 0709 727 000 /11 or 0730 184 000 /11


    Email: treasury@kisii.go.ke/ ict@kisii.go.ke
    Website: www.kisii.go.ke

    1|Page KCG ICT Poli ci es & Standa


    r ds
    Contents
    LIST OF ACRONYMS AND ABBREVIATIONS...........................................................3
    FOREWORD.....................................................................................................................3
    PREFACE..........................................................................................................................4
    1.0 INTRODUCTION........................................................................................................5
    1.1 About Policies & Standards................................................................................5
    1.2 Policy & Standards Domains..............................................................................6
    2.0 SUMMARY OF THE POLICIES & STANDARDS...................................................7
    2.1 Acceptable use of ICT Facilities in the Public Service............................................7
    2.2 Electronic Records Management.............................................................................7
    2.3 Information Asset Classification and Control..........................................................7
    2.4 Information System Security Management.........................................................7
    2.5 Data Back-Up......................................................................................................7
    2.6 ICT Audit.............................................................................................................8
    2.7 ICT Project Management....................................................................................8
    2.8 System Development...........................................................................................8
    2.9 E-Waste Management.........................................................................................8
    2.10 Strategic and Operational Planning.................................................................8
    3.0 THE POLICIES............................................................................................................9
    3.1 Asset Management Policy........................................................................................9
    3.2 Backup Policy........................................................................................................13
    3.3 Cloud Computing Services Policy.........................................................................15
    3.4 Data Center Access Policies and Procedures.........................................................18
    3.5 Disaster Recovery and Business Continuity Policy...............................................21
    3.6 Email Policy Document.........................................................................................29
    3.7 ICT Training Policy...............................................................................................33
    3.8 ICT Use Policy.......................................................................................................35
    3.9 Internet Policy........................................................................................................41
    3.10 Password Policy...................................................................................................44
    3.11 Social Media Policy.............................................................................................48
    3.12 Server Security Policy..........................................................................................54
    3.13 Software Development Policy..............................................................................56
    3.14 ICT Technical Assistance Request Policy (KCG IT-008)...................................62
    3.15 Virtualization policy.............................................................................................67
    4.0 THE STANDARDS...................................................................................................69
    4.1 Acceptable use of ICT facilities in the public service.......................................69
    4.2. Electronic records management............................................................................79

    2|Page KCG ICT Poli ci es & Standa


    r ds
    4.3. Information Asset Classification and Control..................................................86
    4.4. Information Systems Security Management.........................................................88
    4.5. Data Back-up.........................................................................................................97
    4.6. ICT Audit........................................................................................................102
    4.7. ICT Project Management................................................................................116
    4.8. Systems Development...............................................................................117
    4.9. E-Waste Management.....................................................................................120
    4.10. Strategic and Operational Planning.................................................................121

    LIST OF ACRONYMS AND ABBREVIATIONS


    CD / CDROM Compact Disk / Compact Disk Read Only Memory
    COBIT Control Objectives for Information and related Technology
    DVD Digital Video Disk
    KCG Kisii County Government
    WAN Wide Area Network
    ICT Information and Communication Technology
    ISP Internet Service Provider
    IT Information Technology
    ITIL IT Infrastructure Library
    ITSM IT Service Management
    ISMS Information Security Management System
    ISO International Standards Organization
    LAN Local Area Network
    NGO Non-Governmental Organization
    PC Personal Computer
    SLA Service Level Agreement
    MDA Ministry, Department or Agency
    USB Universal Service Bus
    Val IT IT Value Delivery

    FOREWORD
    The County Government of Kisii recognizes that the presence of a capable, effective,
    and forward-looking Public Service that will be able to implement the County
    Government’s

    3|Page KCG ICT Poli ci es & Standa


    r ds
    development policies and deliver services in an efficient and timely manner, is a
    pre- requisite for fulfilling the good governance goals.
    The Kisii County Government Integrated Development Plan have included provision
    of electronic services by the public service as one of the indicators for the growth of
    the ICT industry and overall economic growth of the county.
    KCG ICT Standards focus on mainstreaming of ICT in the KCG to ensure that the
    county government realizes the potential of ICT in the efficient management of the
    public service and improvement of delivery of services to the general public.
    The Policies and standards have been developed for specific critical areas of the
    KCG Public Service.
    I would also like to thank Leading Consultants for their expertise in carrying out
    the development of the KCG ICT Policy and drafting the KCG ICT Standards.
    Further appreciation goes to all KCG staff especially from the ICT department and
    their officers who participated in the development of these Policies and Standards.
    It is my expectation that all Ministries, Departments and agencies will adhere to the
    Standards set here forthwith.

    Signed

    Robert Ombasa
    Ag. COUNTY
    SECRETARY KISII
    COUNTY GOVERNMENT

    PREFACE
    Kisii County Government has developed the KCG ICT Policies and Standards in
    order to ensure a systematic approach to ICT development, management and
    utilization in the KCG public service.
    A consulting firm, Leading Associates and ICT department staff coordinated the
    development process. The process involved in-depth consultations conducted with
    stakeholders throughout Kisii County Government Public Service.
    I trust that utilization of these Policies & standards will assist in improving the
    efficiency and effectiveness of ICTs as a crosscutting tool to the delivery of public
    service.

    JOHN BILLY MOMANYI


    CEC –FINANCE AND ECONOMIC PLANNING

    4|Page KCG ICT Poli ci es & Standa


    r ds
    1.0 INTRODUCTION
    1.1 About Policies & Standards
    A Policy is formal, brief, and high-level statement or plan that embraces governments’
    general beliefs, goals and objectives for a specified subject area. It focuses on desired
    results, not on means of implementation. Policies are further defined by standards and
    guidelines.

    Figure 1:
    Linkage
    s
    between
    policies,

    standards, guidelines and procedures

    Standards define the process or rules to be used to support the strategic directions of
    government policies. A standard is meant to convey a mandatory action or rule and
    should be written in conjunction with a policy.

    Guidelines provide general statements, recommendations, or administrative


    instructions designed to achieve the policy’s objectives by providing a framework
    within which to implement procedures.

    5|Page KCG ICT Poli ci es & Standa


    r ds

    You might also like