Key Indicators of Good Practice
The following documents and policies would provide evidence of good practice in the area of information technology:
- A comprehensive IT Strategy that is aligned to the information strategy and updated regularly.
- Translation of the plan into an approved, long-term budget for the acquisition and replacement of major elements of the IT infrastructure.
- A Capacity Plan (either as a separate document or as part of the IT Strategy) showing estimated/planned usage and how the infrastructure will deal with this.
- A current Disaster Recovery/Business Continuity Plan and evidence that this is tested regularly in whole or in part (e.g. failover testing)
- A Security Policy and evidence that it is tested regularly perhaps by an independent body.
- An Acceptable Use Policy which all system users (staff, students and others) have signed
- Reports on security breaches to the Information Strategy Steering Committee.
- Reports on unplanned disruptions to the Information Strategy Steering Committee.