No. 3 of eight slide decks written for small to medium sized enterprises considering publishing a web site for the first time. Sets out some of the factors to be considered when commissioning a web site in respect of writing and producing policy and governance documentation. Contains a link to a set of policy and governance documents, free to download.
GDPR and EA Commissioning a web site, part 3 Policy and Governance
1. The Organisation As A System
The Performance Organisers
Structured Coherent Design
Commissioning a Web Site
Part Three – Policy and Governance
The introduction slide deck video can be downloaded here
This slide deck can be downloaded from here:
http://www.jitsoftware.co.uk/training/websitecse/pandg.pptx
The preceding video on the legal matters can be downloaded here
3. The Performance Organisers
About the Author:
• Allen Woods, recently retired.
• Ex British Army (1971 – 1995). Taught Arctic Warfare, Several Years On Operations, Funded Himself through College to Study IT
• Chartered Member of the British Computer Society for 20 years
• Member of the Chartered Status Interview Panel for BCS
• In 2010, Finalist of UK “Developer Of The Year” Competition for HSIS
• Primarily Employed in UK Defence Supply Chain and Logistics IT from 1995 until 2019
• Credits: MoD Health and Safety Information System, Various Internal to Defence P&G Portals, CATMIS, IQB Oversight to Defence Voyager Programme IM Transformation
• LinkedIn Profile
Commissioning a Web Site – Policy and
Governance
5. The Performance Organisers
Strategy
• Derived from “reason for being” as expressed in “charter” or “articles of association”
• Which determines doctrine
• Which manifests itself as long term planning “vision”
• From which is drawn shorter term “mission”
• From both of which policy is derived
• Whose achievement is in turn monitored and policed through governance
6. The Performance Organisers
Policy
• Articulation of intent derived from strategy
• From which can be drawn objectives
• Constrained by time, legislation, professional standards and capability
• Which will have common strands or “lines of development”
7. The Performance Organisers
Governance
• Definition of the rules that define how policy will be adhered to
• Supported by auditable performance monitoring
• Against which can be aligned processes, assets and capabilities
• Constrained by time, legislation and means
• Which provides the means to demonstrate compliance through objective audit if properly structured
8. The Performance Organisers
Which together…
• Contribute to determining the organisation scope
• Which should define organisation form, function and purpose
• That provides the means to identify the organisation boundary
• And establish the “art of the possible” in compliance terms and identify capability gaps
• Which gives you a way to proceed to develop a compliance regime
10. The Performance Organisers
[Diagram: The Organisation Boundary. Labels: Client 1, Client 2, Client 3, Server room, Internet Service Provider, External Client, Technical, Legal, Consultancy.]
Policy and Governance mature with the expansion of organisation boundary
11. The Performance Organisers
[Diagram. Labels: Inventory Acquisition, Capability Development, Capability Sustainment, Head Office, Finance, Operations, Stakeholders, Committees, Customers. Each with their own ways of working.]
Policy and Governance mature with organisation complexity
12. The Performance Organisers
Ontologically, policy and governance can be layered:
• Strategy – Articulation of Vision and Mission
• Policy
• Governance
• Objectives
• Process, Procedure, Task…, Assets and Capabilities
14. Working Documents
[Diagram. Labels: Process step one, Process step two, Process step three, Process step n; Processes; Corporate Strategy; Analysis Dimensions; Policy; Governance; Qualitative and Quantitative Performance Metrics; Management Reporting; Data; Tools; Risk; Issues; Lessons Learnt; WBS Based Line Referencing; OLAP Facts; Collated and Aggregated Data; Working Masters; Status; Site ID, Site Navigation; CMS & Hub; Documents; WBS Based Document Referencing; Process Masters; Templates and Standards Documentation; Operating Concepts.]
Policy and Governance matures with data to information flow
15. The Performance Organisers
[Diagram. Labels: S1 Operations; Process; Business Area; Validation; Inferential Distance; Economic, Efficient, Effective, Evolve; S2 Co-ordination; Multi Perspective Value Streams; S3 Monitoring; Fact Generation (metric profiles); Facts; Unstructured Data; Objectives; S4 Decision Support; Charter, Mission, Vision; S5 Policy; Operating Environment; Customers; Stakeholder; Suppliers; External Authorities; Standards Alignment; Evidence Collation; Decision Support (Semantics, Pattern Recognition etc); Inform; Inversion of Control; GIGO Rules.]
18. The Performance Organisers
[Diagram. Labels: Person, Client 1, Client 2, Client 3, Server room, Internet Service Provider, External Client, Technical, Legal, Consultancy, People, Staff, Stakeholders, Personal Data, Personal Information Identifiers (PII).]
Interaction “as a maturing conversation”
19. The Performance Organisers
[Diagram. Labels: Person, Client 1, Client 2, Client 3, Server room, Internet Service Provider, External Client, Technical, Legal, Consultancy, People, Staff.]
For the site owner, the most significant change is that people now have rights they can exercise whenever and wherever they like and the site owner MUST respond to the exercise of those rights…
20. The Performance Organisers
[Diagram. Labels: Person, Client 1, Client 2, Client 3, Server room, Internet Service Provider, External Client, Technical, Legal, Consultancy, People, Staff.]
External Authorities WILL hold data controllers accountable, top down, bottom up and laterally in the event that there is a systemic failure of compliance
23. The Performance Organisers
[Diagram: The Organisation Boundary. Labels: Person, Client 1, Client 2, Client 3, Server room, Internet Service Provider, External Client, Technical, Legal, Consultancy.]
Layered Privacy management “by design”
26. The Performance Organisers
[Diagram: The Organisation Boundary. Labels: Person, Client 1, Client 2, Client 3, Server room, Internet Service Provider, External Client, Technical, Legal, Consultancy.]
Management of Location and Ownership
29. The Performance Organisers
[Diagram: The Organisation Boundary. Labels: Person, Client 1, Client 2, Client 3, Server room, Internet Service Provider, External Client, Technical, Legal, Consultancy.]
Layered Security management “by design”
32. The Performance Organisers
[Diagram: The Organisation Boundary. Labels: Person, Client 1, Client 2, Client 3, Server room, Internet Service Provider, External Client, Technical, Legal, Consultancy.]
Policy and Governance and Staff TOR’s
33. The Performance Organisers
People who can help…
To follow on LinkedIn
Tom Graves
Patrick Hoverstadt
Nicolas Figay
Harald Kreher
David Clark (FBCS)
Dave Snowden
Richard Self
Mark Gewertz
35. The Performance Organisers
Reading List
• Living Systems
• Cognition
• Patterns of Strategy
• ISO 27000 Pocket Guide
• JSP 600 Series
• Policy and Governance Guide
• Corporate Strategy
• Data Protection Officer
• Creative Problem Solving (Total Systems Integration)
• ICSA Guide to Document Retention
• IT Governance
• Creating the Corporate Future
• The Fifth Discipline
• My Years With General Motors
• CISSP
• ITIL
• COBIT
• CMMI
• TOGAF
• Software Asset Management
• Linked
36. The Performance Organisers
Useful Organisations
• The Law Society
• The UK Information Commissioner’s Office
• The UK National Cyber Security Centre
• Irish Data Protection Commission
• CNIL
• The US National Institute of Standards and Technology
• The Open Web Application Security Project
• The British Computer Society
• The International Association of Privacy Professionals
• The British Standards Institute
• The Centre for Information Technology and Law
• ISACA
37. The Performance Organisers
Associated Freebies and Case Studies
Associated free stuff….
The Lithium Experiment
Supply Chain Performance
DPO Hub
Document Template Library
Mapping the Organisation MP4
Data to Information Transition MP4
Librarianship MP4
38. The Performance Organisers
The Portal
It’s all about the Architecture…
39. The Performance Organisers
Summary
IT is being gripped. It is being regulated, and the regulation reinforces the concept of accountability.
In the event that things go wrong, investigation will be based on audit of processes and systems which must be documented.
There will also be a need to demonstrate effective internal policy and governance.
Which will include your web site and how it is managed.
Which will, inevitably, involve several kinds of people whose activities will have to be co-ordinated.
Your web site extends your Organisation boundary.
You will need to plan policy and governance.
The next slide deck will be an overview of the nature of the web…