Access Projects (Pvt) Ltd. Information Technology Policy

Similar documents
GENERAL INFORMATION. Title: IT Systems and Infrastructure Administrator. Classification: Exempt

APCC Policy Statement

IT Purchasing Policy. Version (February 2018) ITPOL012. IT Purchasing Policy v3.0.1 ( )

Section II: Schedule of Requirements

REQUEST FOR PROPOSALS: INFORMATION TECHNOLOGY SUPPORT SERVICES

JOB DESCRIPTION. Director of e-learning. Director of Corporate Services. Salisbury East, Strathalbyn and Murray Bridge PURPOSE OF THE POSITION

CITY OF KOTZEBUE REQUEST FOR PROPOSAL ADMINISTRATION IT SERVICES FOR FY18 REQUEST FOR PROPOSAL INFORMATION TECHNOLOGY SUPPORT SERVICES


Desktop Support Program Service Level Expectations

System and Server Requirements

ICT and Computing Curriculum leader, Business Manager and ultimately the Headteacher

Service Level Description (SLD) for Physics IT Support

The North Suburban Emergency Communications Center (NSECC) Managed Information Technology Services. Request For Proposal

SYSTEM REQUIREMENTS SAP BUSINESS ONE v9.1 & TASKCENTRE FOR SAP BUSINESS ONE

SEDIBENG TVET COLLEGE GROW WITH THE FLOW COLLEGE COUNCIL PAID POSTS

Questions and Answers. For. NETWORK Services RFP #

6 MONTH SUPPORT CONTRACT

1. Overview, Type of Maintenance

IBM Emptoris Strategic Supply Management on Cloud

{Buffalo County} IT Managed Services REQUEST FOR PROPOSAL BUFFALO COUNTY

GMS NETWORK PLUS PRODUCT SPECIFICATION 1. INTRODUCTION 2. SERVICE DEFINITION. 2.1 Service Overview. GMS Network Plus

ITS Service Level Agreement

Equal Opportunities & Diversity Policy

Request for Proposal

Workplace Health & Safety Policy

B. Victims May be male or female, and do not have to be the opposite sex of the harassers. Victims may be anyone offended by the conduct.

APPENDIX E IT Standards and Levels of Support Service Provided by ITS and ITS Performance Pledges

APPENDIX C IT Standards and Levels of Support Service Provided by ITS and ITS Performance Pledges

IBM Emptoris Contract Management on Cloud

JOB DESCRIPTION. IT Network Manager

Data Protection/ Information Security Policy

EQUAL OPPORTUNITIES & DIVERSITY POLICY FastTrack Policy

THREE YEAR ON-SITE COMPREHENSIVE IT SERVICES FOR THE DES PLAINES PUBLIC LIBRARY, No

Performance Development Review Role Profile. Principal Support Analyst: Desktop Team Manager

IBM Emptoris Services Procurement on Cloud

Under the Act unlawful discrimination occurs in the following circumstances:

ANNEX 2 Security Management Plan

Equal Opportunity and Diversity Policy Document

Introduction Why is data protection important? How does it apply to volunteers? What volunteers need to do?...

Position Description. Job Summary: Campus Job Scope:

INTER CA NOVEMBER 2018

RSD Technology Limited - Data protection policy: RSD Technology Limited ( the Company )

Software Asset Management (SAM) Statement of Work (SOW) SAM Infrastructure Optimization (For use with the Microsoft SAM Services Incentives Program)

SMB Virtualaze Success Story

Information, Privacy and Archives Division. Government of Ontario Function-Based Common Records Series: Information Technology

Job Description. AoC Point ,845-35,818 per annum

PERSONAL DATA SECURITY GUIDANCE FOR MICROENTERPRISES UNDER THE GDPR

Equality and Diversity Policy

GOVERNANCE AES 2012 INFORMATION TECHNOLOGY GENERAL COMPUTING CONTROLS (ITGC) CATALOG. Aut. / Man. Control ID # Key SOX Control. Prev. / Det.

March 17. ICT Trainee

XTP Recruitment Ltd ( the Company ) Model equal opportunities and diversity policy

Request for Proposals Information Technology Support Services

Oakland County Department of Information Technology Project Scope and Approach

Job Description: Strategic Business Manager

21 CFR Part 11 A Risk Management Perspective

Information Security Policy

1 P a g e. IT Tailored to Your Needs

Equal Opportunities Policy

LCS Toyota Lexus IT Transition Project

ICT budget and staffing trends in Germany

SAP BUSINESS ONE v9.2 & TASKCENTRE FOR SAP BUSINESS ONE. Virtual Server (Dedicated to running SAP Business One for SQL and Microsoft SQL Server only)

Administrative Services About Administrative Services

Information Asset Management Procedure

EQUAL OPPORTUNITIES & DIVERSITY POLICY STATEMENT

Equality and Diversity Policy

Application Performance Management Advanced for Software as a Service

MANAGED NOC AND HELP DESK SERVICES

PayStat Frequently Asked Questions

Business Continuity Policy & Procedure (incorporating IT contingency plans)

Norwood Primary School

DISASTER PREPAREDNESS Guide & Template

Data Protection Policy

Request for Proposals (RFP) Shared Information Technology (IT) Services for Rural Communities of Scott County, Iowa

VACANCY POSITION GLOBAL FUND COORDINATING UNIT (GFCU)

MINNESOTA STATE STANDARD

Equal Opportunities and Diversity Policy

Acumatica Licensing Guide

Annex Ic - Archive documentation system - Invenio

Sir Winston Churchill once said,

BRITANNIA BUSINESS MANAGEMENT SYSTEM Equal Opportunities Policy

Enterprise Call Recorder

Equality and Diversity Policy

SERVICE LEVEL AGREEMENT (SLA) IT SUPPORT

University College Cork National University of Ireland, Cork Records Management Policy Version 1.0

SYSTEM OVERVIEW... 3 THE DEVELOPER... 4 VMOSNET TIME LINE... 5 DEVELOPMENT TECHNOLOGY... 6 REQUSITIONING & PURCHASING INTERFACES...

Weston County Request for Proposal Information Technology Support Services

EQUAL OPPORTUNITIES STATEMENT AND GUIDELINES ON EMPLOYMENT PRACTICE TICEHURST PARISH COUNCIL

EQUALITY & DIVERSITY POLICY Non Statutory

1.1 This report provides committee members with an update on the current position of ICT services.

Intelligent Asset Management Servers, Desktops, Notebooks, Tables Smartphones

Service Level Agreement (SLA) for IPA Offices By. Dubuque Internal Medicine

Oakland County Department of Information Technology Project Scope and Approach

JSCS Proposal. The high level statement of what the JSCS should deliver and achieve

HARASSMENT AND BULLYING POLICY

CORRIGENDUM NO 1 FOR RFP FOR IMPLIMENTATION OF ICT SCHEME IN 5000 SCHOOLS (ICT PHASE III) IN VARIOUS REGIONS OFD MAHARASHTRA STATE Page S.N. No.

LOS ANGELES UNIFIED SCHOOL DISTRICT Reference Guide

DATA PROTECTION POLICY

JOB DESCRIPTION Area ICT Operations Manager

OIS Client Services: Service Level Agreement

Equal Opportunities and Diversity Policy for Staff

Transcription:

Procedure Manual Version 1.1 Information Technology Last updated on 24-09 - 2016 Access Projects (Pvt) Ltd. Information Technology Policy Prepared by Version 1.0 Authorized by Version 1.0 Name: Nalaka Bandara Signature Name: Nishal Ferdinando Signature Designation : ICT Executive Date Designation : Director Date Page 1 of 10

Table of Contents 1.1 Introduction... 3 1.2 Policy Statement... 3 1.3 Scope... 3 1.4 Roles and responsibilities:... 3 1.5 Audit and review... 3 1.6 Internet and Email Usage... 4 1.7 Network and Systems IT Security... 5 1.8 Computers, Software and Hardware... 5 1.9 Helpdesk... 7 1.10 Application Development.... 7 1.11 Back-up and Archiving:... 8 1.12 Upgrading of Hardware.... 8 1.13 Disaster Recovery and Business Continuity for IT Assets... 9 1.14 Risk Assessment... 9 1.15 Asset Register... 10 1.16 Security... 10 Page 2 of 10

1.1 Introduction 1.1.1 This policy is designed to be the overall Information Technology Policy for Access Projects (Pvt) Ltd. 1.1.2 The policy is designed to ensure that all departments of Access Projects (Pvt) Ltd will comply with all relevant compliance legislation in respect of Information Technology. The policy will describe specific rules on Information Technology and reference any subservient policies that will describe policy in more detail. 1.2 Policy Statement 1.2.1 The purpose and objective of this Information Technology Policy is to standardize the usage of IT Assets and to protect Access Projects (Pvt) Ltd information assets from all threats, whether internal or external, deliberate or accidental, it also describes measures to prevent misuse, ensure business continuity, minimise damage and maximise return on investment. 1.3 Scope 1.3.1 This policy is intended for all staff and any visitors using the Access Projects (Pvt) Ltd. IT systems, data or any other information technology asset. 1.3.2 For the purposes of this Policy the term staff will be taken to mean paid employees, consultants, sub-contractors employed by Access Projects (Pvt) Ltd. 1.4 Roles and responsibilities: 1.4.1 The Policy is approved by the Executive Director of Access Projects (Pvt) Ltd. 1.4.2 The Managing Director of Access Projects (Pvt) Ltd. is the designated owner of the Information Technology Policy. 1.4.3 The ICT Executive will be responsible for implementation and monitoring of the Information Technology Policy. 1.4.4 All members of staff are expected to have read, understood and to adhere to the IT Policy. Breaches of any of the policy rules will in the first instance be reported to the line manager and then a record of the breach should be passed to the ICT Executive. 1.5 Audit and review 1.5.1 The ICT Executive will be responsible for arranging and monitoring regular audits of all aspects of the Information Technology Policy. The results of audits will be recorded and logged. Audits will be carried out no less than annually. 1.5.2 The Information Technology Policy will be reviewed annually by the ICT Executive and approved by the Executive Director. Page 3 of 10

1.6 Internet and Email Usage 1.6.1 Internet Access 1.6.2 All head office staff members will be granted Internet access. The ICT Executive to implement a Firewall and restrict access to the following material. All Videos Adult Content Social Media Websites Note : Access to any job related websites can be granted subject to the Executive Director s Approval. 1.6.3 The ICT Executive to obtain a report of all websites visited by all staff members on a daily basis. This report has to be forwarded by the ICT Executive to Manager QMS on a daily basis. 1.6.4 Manager QMS to take necessary action based on the report. 1.6.5 You may not use internet / email to write, send, read, or receive data that contains content that could be considered discriminatory, offensive, obscene, threatening, harassing, intimidating, or disruptive to any employee or other person. Examples of unacceptable content include (but are not limited to) sexual comments or images, racial slurs, genderspecific comments, or other comments or images that could reasonably offend someone on the basis of race, age, sex, religious or political beliefs, national origin, disability, sexual orientation, or any other characteristic protected by law. 1.6.6 Wi-Fi Access 1.6.7 Wireless access will be provided to staff members using APWI Network. All social networks will not be accessible from this network. 1.6.8 Wireless access will be provided to guests using the AP GUEST Network. 1.6.9 Email Accounts 1.6.10 Department Head to request email accounts through an email to the ICT Executive. User to fill the Email Requisition Form, sign and submit to ICT Executive with the divisional heads approval. 1.6.11 ICT Executive to ensure that the email account is created within 1 working day from the requisition. Maximum storage per email account is 1 GB. 1.6.12 The use of email and the Internet within Access Projects (Pvt) Ltd. is controlled by the IT Policy and overseen by the ICT Executive. 1.6.13 HR to advise the ICT Executive on the staff members who leave / transfer within the organization. ICT Executive to check with the Executive Director whether to forward the email account to another employee. If not delete / amend the respective email accounts / groups immediately. Page 4 of 10

1.6.14 The Project Manager to provide a list of the site staff members who require email accounts to the GM Construction for approval and thereafter forward it to the ICT Executive for action. 1.6.15 Email accounts will be provided for the following staff members with approval from the Director, on the Google Cloud Service. This is for security reasons. Managing Director Director GM Construction Manager Costing & Estimation Chief Architect Accountant Manager QMS Project Manager (Selected PMs) ICT Executive 1.7 Network and Systems IT Security 1.7.1 The computer network is part of the Access Projects network and is managed by the ICT Executive. The ICT Executive audits and monitors the systems and will have access to the administration systems. 1.7.2 Staff members can be given a 50MB space on the server. Approval would need to be obtained by Line Manager and Executive Director. 1.7.3 Every Site & Factory to have a hard ware firewall for sites which have more than 5 Desktops / Laptops. 1.7.4 Dongles to be provided to site staff if the sites have less than 5 Desktops / Laptops 1.7.5 The firewall will not be required if Dongles are provided to the site staff. 1.7.6 Network access to be given to sites which have more than 5 Desktops / Laptops 1.8 Computers, Software and Hardware 1.8.1 Line managers will ensure that their staff members adhere to the Information Technology Policy. Any breaches will be reported in the first instance to the ICT Executive. 1.8.2 For IT hardware requests for departments / sites, an IT equipment request form to be filled, necessary approvals obtained and handed over to the IT department. 1.8.3 The ICT Executive needs to obtain 3 quotations from suppliers for purchase of new items. 1.8.4 Changes to Hardware / Software configurations of a company Desktop Laptop can only be done with the ICT Executive s Approval. Staff members are strictly prohibited to make any changes to the Hardware / Software configurations of a company Desktop Laptop machine. 1.8.5 All purchasing of IT equipment MUST go through the purchasing department. The ICT Executive to obtain three quotations for new items. 1.8.6 The ICT Executive to negotiate with the suppliers and fix prices for 1 month. The prices to be reviewed monthly by the ICT Executive. Page 5 of 10

1.8.7 Access Projects should purchase ONLY branded Desktop / Laptop Machines. 1.8.8 The warranty provided by the supplier should be for all components of the workstation / Laptop. 1.8.9 Software Installation 1.8.10 RNH IT will be contacted for any technical assistance related to the website. The website will be updated using the Portal by the ICT Executive. 1.8.11 The Access Projects Facebook Page to be maintained by the PA to the Director. 1.8.12 The procedure to obtain Hardware / Software Configurations is as follows. Request made by staff member->department Head to Approve-> Sectional Head to approve- >Raise PO->Purchase Item The following hardware configurations are to be used when providing workstations / laptops to staff Staff Grade PC / Laptop Configuration Project Manager Intel core i3 or i5 Notebook, 4GB Memory 500GB Hard disk 15.6 screen, mouse, virus guard, Company E mail, Company Dongle, Software- Windows 7 or Windows 8,MS Office,MS PROJECT,AUTOCAD, ADOBE Site Engineer Quantity Surveyor Accounts Assistant Trainee Quantity Surveyor Store keeper CAD Draughtsman GM and above grades Manager Level 4 & Above Senior Executive & Below (Depending on nature of Job) Executive Level 1 & Below Intel i3 Note book, 4GB Memory 500GB Hard Disk,15.6 screen, mouse, virus guard Company email,dongle if recommended by Project Manager Intel i3 or Dual core Desktop or second hand computer recommended by Dept. Manager, 4GB Memory 500GB Hard disk, UPS, Virus Guard Intel i3 or Dual core Desktop or second hand computer recommended by Dept. Manager, 4GB Memory 500GB Hard disk, UPS, Virus Guard Core 2duo processor, 4GB RAM,500GB Hard disk second hand branded desktop computer, UPS and Virus Guard Core 2duo processor, 4GB RAM,500GB Hard Disk second hand branded Desktop Computer, UPS and Virus Guard Intel core i7 or i5 processor,8gb or 16GB RAM, 500GB Hard Disk,22 Monitor, UPS,Virus Guard branded Desktop Computer Intel core i5 Notebook / Desktop, 4GB Memory 500GB Hard disk 15.6 screen, mouse, virus guard, Company E mail, Company Dongle, Software- Windows 7 or Windows 8,MS Office,MS PROJECT,AUTOCAD, ADOBE Intel i3 Desktop / Notebook, 4GB Memory 500GB Hard Disk,15.6 screen, mouse, virus guard Company email,dongle if recommended by Project Manager Intel i3 Desktop / Notebook, 4GB Memory 500GB Hard Disk,15.6 screen, mouse, virus guard Company email,dongle if recommended by Project Manager Dual core Desktop or second hand computer recommended by Dept. Manager, 4GB Memory 500GB Hard disk, UPS, Virus Guard Page 6 of 10

1.8.13 Any variation to the above configurations, depending on the job role, would require the prior approval by the Executive Director, for Construction related items prior approval by the General Manager Construction would be required. 1.8.14 The Staff member has the right to choose between a Desktop / Laptop for his / her work. 1.8.15 An ipad will be provided only for staff grades of GM and above. 1.8.16 The staff member to fill a Software Installation Completion form after all the required software has been installed the Desktop / Laptop 1.8.17 A backup laptop can be provided for each department. One person in the department needs to be responsible for it. 1.8.18 If a staff member requires both a Desktop and a Laptop, it would require the prior approval by the Executive Director, for Construction related items prior approval by the General Manager Construction would be required. 1.8.19 ONLY the department head can request for IT resources for the department. 1.8.20 Damages / loss of a company owned IT equipment assigned to a staff member, will be recovered up to a maximum of LKR 50,000/- from the staff member. The ICT Executive to obtain an estimate for the repairs and fill a damages to IT equipment re-imbursement form and hand over to the Accounts dept. In an exceptional situation the Executive Director has the authority to waive off the cost of the Laptop. 1.8.21 On the receipt of a Desktop / Laptop by a staff member for use, he / she to fill an IT Material Receivable Form. 1.8.22 On the receipt of a new / repaired Desktop / Laptop by a staff member, he / she to fill a Repaired/Replaced Items Receivable Form. 1.9 Helpdesk 1.9.1 All IT related complaints, issues to be logged into the online IT Helpdesk System. The ICT Executive to check the logs every hour and action them. 1.9.2 The ICT Executive to provide the timelines to action each type of request. 1.10 Application Development. 1.10.1 Proper risk assessment would need to be carried out on all new application development projects. 1.10.2 All Software Developments require the approval by the Executive Director. 1.10.3 The Peachtree system used by the Accounts department is the only software system acquired by a third party. All customized software development for Access Projects (Pvt) Ltd will be carried out by Nsoft Solutions (Pvt) Ltd. The Executive Director would need to enter into an agreement with Nsoft Solutions (Pvt) Ltd for the software development. Items to be considered when finalizing software / hardware purchase agreements. Page 7 of 10

Warranty After Sales Support Source Code can be obtained or not 1.11 Back-up and Archiving: 1.11.1 All data must be archived appropriately when they are no longer required within the organization. 1.11.2 The ICT Executive would need to Back-up the Back-up server on external hard drives on a weekly basis and store them safely at the Head Office premises. 1.11.3 All the divisional heads to certify on a monthly basis, that their respective divisions data and Emails have been duly backed up in the File Server by getting his / her staff members to fill the Data Back-up Form, Sign off at the end and send to the ICT Executive by the 5 th of the following month. 1.11.4 The ICT Executive would need to Back-up All the email accounts. 1.11.5 External Hard drives can be provided with approval of the Executive Director. 1.11.6 If a construction site requires an external Hard Disk, it can be provided with approval from the GM construction. 1.11.7 After the site is completed the ICT Executive to ensure that the External Hard Disks are returned and the data is copied to the File Server. 1.11.8 All files older than 8 years have to be deleted from the system. The ICT executive to coordinate with the departments to ensure this is done annually. 1.11.9 Access Projects Maintains 3 Servers as follows. Server Name Location Purpose Authorized Users Accounts Server Accounts Dept. Host the Peachtree System Server 2 H/O 1 - IT Room Project Management System Costing & Estimating Software Finance Manager, Manage Accounts ICT Executive File Server 1 H/O 1 - IT Room All divisions store / backup data ICT Executive File Server 2 Nawala Office ALU / CEI / MKT store / backup data ICT Executive System Server 3 Nawala Office Ceiling & Material Management Software ICT Executive / Nirosh 1.12 Upgrading of Hardware. 1.12.1 The ICT Executive to ensure that a review of the existing hardware configurations of company owned Desktop / Laptop machines is carried out annually. 1.12.2 Subject to the above review, upgrading of the existing hardware configurations of company owned Desktop / Laptop machines should be carried out every 3 years. 1.12.3 Subject to the above review, replacement of the existing hardware configurations of company owned Desktop / Laptop machines should be carried out every 5 years. Page 8 of 10

1.13 Disaster Recovery and Business Continuity for IT Assets 1.13.1 Access Projects (Pvt) Ltd would conduct business continuity planning for IT Assets in the following manner. The plan will be reviewed annually by the ICT Executive and will be approved by the executive Director. Department / Staff Member Risk Ranking Managing Director 1 Ipad Contingency Strategy Executive Director 2 Use Planning Eng. Desktop Machine General Manager Construction 3 Use Head of Q/S Desktop Machine, Ipad ICT Executive 4 Backup Laptop of ICT Executive Planning & Procurement Mgr 5 Backup Laptop of Planning Manager Head of Quantity Surveying 6 Backup Laptop of Q/S Dept Head of Drafting 7 Backup Laptop of CAD Manager s Laptop Site Project Manager 8 Backup Laptop of Site Q/S Dept Head of Accounts 9 Backup Laptop of the company Head of Purchasing 10 Backup Desktop of the Purchasing Dept. Head of Marketing 11 Backup Laptop of Marketing Dept Head of Human Resources 12 Laptop of Admin Manager Ceiling 13 Laptop of Ceiling Manager Aluminium 14 Backup Laptop of Head Aluminium Dept. Head of Factory 16 Laptop of Factory Manager 1.14 Risk Assessment 1.14.1 Access Projects (Pvt) Ltd will have an up to date Risk Register as follows. # Description 1 Power failure- Reason for Power supply unit or Mother board issue Probability 1= low 5 = high Impact 1= low 5 = high 4 5 Mitigation / Contingency Strategy Manage Power supply, setup UPS units, replace faulty components 2 Hard disk Failure reason for lifting,power failure, or physical damage 3 5 Backup data on the server, obtain assistance from hardware vendor to retrieve data 3 Memory Failure - factory issue 3 2 Fix new / additional memory 4 Monitor - Factory issue 3 2 Replace Monitor. 5 Reduction of computer speed - reason virus or hardware issue 4 3 Install Genuine Antivirus Software, Renew license on-time, obtain assistance from hardware vendor to retrieve data to retrieve data 6 Misuse by staff 2 3 Implement rules. Take disciplinary action as per disciplinary procedure. Page 9 of 10

7 Network Failure 3 5 8 Backup Failure 1 5 Maintenance of network infrastructure, install Surge Protectors, rectify network issue. Test backup status weekly. Maintain a bi- weekly backup of the server at another location. 1.14.2 Any major changes to IT hardware / software must be with the director s approval. An IT Change Request form must be filled and approval obtained from the director before proceeding with the change. 1.15 Asset Register 1.15.1 The ICT Executive to maintain a register of all IT Equipment in collaboration with the Accounts Department. The ICT Executive to update the register every time an item is released to a department or acquired. IT Officer to perform a stock take of all the IT Assets every year. 1.16 Security 1.16.1 ICT Executive to maintain an administrator accounts as well as a user account for all company desktop / Laptop machine. A list of updated passwords to be given to the Personal Assistant to the Director. 1.16.2 Only authorized personnel will be allowed to go into the IT room. 1.16.3 ICT Executive to ensure that an Anti-Virus Software is installed in every company owned Desktop / Laptop machine. Page 10 of 10

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback