ANRS Office Of Auditor General Policy & Procedure
SECTION 1: INTRODUCTION
As more organizations share information electronically, a common understanding of what is needed and expected in securing and wisely use of information technology (IT) resources is required. This document provides a baseline that ANRSOAG user can use to establish and review their IT resource & security programs. The document gives a foundation that ANRSOAG staff can reference when conducting Multi-organizational objectives as well as internal business. Management, internal auditors, users, system developers, and security practioners can use the guideline to gain an understanding of the basic security requirements most IT systems should contain. The foundation begins with generally accepted system security principles and continues with common practices that are used in securing IT systems.
GUIDING PRINCIPLES (AND DERIVED POLICIES)
GUIDING PRINCIPLE 1:
ICT INFRASTRUCTURE The OAG ICT infrastructure, including all ICT hardware, base software, and related device, will enable OAG data to exist and move with efficiency, integrity, and sustainability.
POLICIES
1.1 OAG ICT infrastructure will be reliable, secure, fast, cost effective and as adaptive as appropriate to the needs of OAG.
1.2 OAG ICT infrastructure performance is optimized and sustainable.
1.3 OAG will promote appropriate ICT access for all OAG personnel
1.4 OAG will actively work with and guide all partners in regards to its ICT infrastructure development
GUIDING PRINCIPLE 2:
INFORMATION SYSTEMS OAG computerized information systems will be minimal in number and complexity whilst delivering functionality identified through needs and cost-benefit-risk analysis.
POLICIES
2.1 OAG will minimize the number and complexity of software applications to maximize sustainability
2.2 OAG computerized information systems will address the data entry and information extraction needs of OAG stakeholders
2.3 OAG will ensure all information extraction and analysis is accurate, relevant and timely
GUIDING PRINCIPLE 3:
DATA INTEGRITY Encoded data will be accurate, complete, and timely and will remain protected from corruption, unauthorized access or change, or loss.
POLICIES
3.1 All OAG computerized data will remain free from corruption, unauthorized access or change, or loss
3.2 OAG will ensure all data collected, coded and entered are accurate, complete, and timely
GUIDING PRINCIPLE 4: HUMAN RESOURCES
OAG will attract, develop, and retain a knowledgeable ICT workforce whilst promoting awareness of ICT and the need for computer literacy at all OAG levels.
POLICIES
4.1 Awareness of ICT and the need for ICT literacy at all OAG levels will be promoted and developed
4.2 OAG will attract, develop, and retain a knowledgeable ICT workforce that will be able to contribute to the maintenance and further development of ICT
GUIDING PRINCIPLE 5: TRAINING & SUPPORT
OAG will deliver appropriate ICT training and cost-effective & sustainable support services for all OAG ICT Users.
POLICIES
5.1 OAG will ensure appropriate training to enable all personnel to gain maximum benefit from OAG ICT
5.2 OAG will establish, monitor, and maintain appropriate, cost-effective, and sustainable support services for all OAG ICT Users
GUIDING PRINCIPLE 6: ICT REGULATIONS
OAG will develop Policies, Strategies, Procedures, and Standards to assist promotion and management of best practice OAG ICT usage and sustainability.
POLICIES
6.1 OAG will work with national and regional institutions and development partners in the development and maintenance of ICT Policies and Strategies that are consistent with international and local laws, regulations, obligations and changes, are nondiscriminatory, and protect the interests of both the ANRS-OAG and the individual
6.2 OAG will develop ICT Management Activities to implement and support OAG ICT Strategies.
6.3 OAG will develop a comprehensive ICT Policy Manual to implement and support OAG ICT Strategies
6.4 OAG will develop ICT Procedures and Standards to implement and support OAG ICT Strategies.....Read Details