3rd Element Consulting, Inc. - The Need for Policies

Why write Policies? Let's start by identifying what a policy is. A policy is nothing more than a statement of purpose to define guidelines that accomplish a goal. When we say policy in the technology field, we're talking about I.T. Policies, Cell Phone policies, Acceptable Use Policies and the like.

We're asked quite often, “ do we really need an I.T. policy since we're a small business”. The answer is unless you're required to by law, no. However, unless you're O.K. with your employees doing anything they want with the company's equipment anytime they want, and you having no real say in it (in the eyes of the court) you should have one.
What should an I.T. Policy contain?
A typical I.T. Policy should have a statement of purpose to start the document. Everything that goes into your policy should support that purpose statement. You should have a section on what could happen if you violate the policy. There should be a definitions sections to spell out any terms that your employees may not be familiar with, or are open to interpretation. The remaining sections should be about the way you expect your employees to interact with technology in your company.

It's all in the language.
When you're writing a policy, keep in mind the words you are using. Make your point clear. Avoid using words such as should. Should implies that something is not required, it's more of an option. Do not use buzzwords or Acronyms unless you've put them in the definitions section and are able to define them clearly.

Make a living document.
Any policy, especially a technology based policy needs to be a living document. Technology changes fast enough that you will need to adjust your policy at least once per year, if not more. Set up regular intervals to review your polices and make any corrections or additions to them as needed.