Professional Documents
Culture Documents
BIBD IT Template 002 Policy Template
BIBD IT Template 002 Policy Template
BIBD IT Template 002 Policy Template
Policy Document
[Version xx]
CONFIDENTIAL
Document Control
Organization BIBD
Filename [Document number<space>document title]
Document Author [Name of Author]
Document Owner [Head of Department]
Release Date dd Month, yyyy
Next Review Date dd Month, yyyy
Revision History
Reviewed By
Approvals
This document must be signed off by CIO and Head of Department before considering the policy
effective. Maintenance and change approvals to be organized by IT Governance team.
Document Distribution
____________________________________________________________________________________________________________
[Document number]
[Version xx] [Document classification] P a g e |2
[Title of the process]
Contents
1 Purpose.....................................................................................................................................................4
2 Objective...................................................................................................................................................4
3 Regulation and Standard...........................................................................................................................4
4 Audience...................................................................................................................................................4
5 Scope of Policy..........................................................................................................................................4
6 Risks..........................................................................................................................................................4
7 Policy Details.............................................................................................................................................4
8 Responsibility............................................................................................................................................4
9 Policy Governance....................................................................................................................................4
10 Policy Compliance.....................................................................................................................................5
11 Policy Review............................................................................................................................................5
12 References................................................................................................................................................5
13 Key Message.............................................................................................................................................5
____________________________________________________________________________________________________________
[Document number]
[Version xx] [Document classification] P a g e |3
[Title of the process]
1 Purpose
[Define the purpose of this policy. Consider this of a Vision statement of the policy]
2 Objective
[List down the objectives of the policy (there can be multiple objectives to meet the purpose.
This is to be the mission statement of the policy]
[List the applicable regulation or standard’s clause that the policy is built for.]
4 Audience
5 Scope of Policy
6 Risks
7 Policy Details
[List down the complete details of the policy. This can include tables, charts, etc. as required]
8 Responsibility
It is the responsibility of the information owner to ensure adherence to this policy. The
information or data owner shall be solely responsible for the appropriate classification &
labelling of the information, document and data.
9 Policy Governance
The following table identifies who within BIBD is Responsible, Accountable, Informed or
Consulted with regards to this policy. The following definitions apply:
____________________________________________________________________________________________________________
[Document number]
[Version xx] [Document classification] P a g e |4
[Title of the process]
Responsible – the person(s) responsible for developing and implementing the policy.
Accountable – the person who has ultimate accountability and authority for the policy.
Consulted – the person(s) or groups to be consulted prior to final policy implementation or
amendment.
Informed – the person(s) or groups to be informed after policy implementation or
amendment.
10 Policy Compliance
E.g. If any BIBD staff is found to have breached this policy, they may be subject to BIBD
disciplinary procedure, as per “Human Resources Policy Manual”. If a criminal offence is
considered to have been committed, further action may be taken to assist in the prosecution of
the offender(s).
When any deviation from this policy or related processes and procedures is required, the
requester has to seek for Risk Acceptance approval as per BIBD Enterprise Risk Management
Framework.]
11 Policy Review
[Define the review process for this policy.
All document has a maximum validity period of 3 years from the last revision date. Document
owner must assess and review their documents for continued applicability within this period.
Documents shall be revised immediately in case of major changes to the work environment in
terms of technology or process, if the change leads to any impact to the current process or
procedure.
E.g. This policy shall be reviewed at least once a year, from the approval date, as part of an
overall management review by BIBD IT governance team. The policy will also be reviewed in
response to significant changes in any associated policy of BIBD.
The performance of the policy shall be assessed with clearly defined parameters to measure
the level of success in meeting set goals and objectives.]
12 References
____________________________________________________________________________________________________________
[Document number]
[Version xx] [Document classification] P a g e |5
[Title of the process]
13 Key Message
E.g. If you are unsure of anything in this policy or how it may apply to you, seek advice from IT
Governance team.]
____________________________________________________________________________________________________________
[Document number]
[Version xx] [Document classification] P a g e |6