Business Functions

Lists what the business has and provides and policies that apply.

What are the desired characteristics:

  1. Efficiency - IT Structure, interrelationships, and communications
  2. Legal
  3. Quality
  4. Reliability
  5. Security

List of what the business has/provides:

  1. Labor - Users/staff/labor
  2. Data
  3. Equipment - Network, Servers
  4. Facilities - Building/Land
  5. Money/Costs
  6. Services - Internal and external
  7. Tools - Software/Applications
  8. Business Processes - General
EfficiencyAuditing Policy
EfficiencyCostComputer Training Policy
Insurance Purchase Policy
Technology Planning Policy
Contracting Policy
Supplier Policy
Cost Management Policy
IT Organizational Policy
IT Budget Policy
IT Human Resource Policy
EfficiencyLabor (Communication) Labor efficiency covers business processes,
data, equipment, facilities, and service efficiency
Network Documentation Policy
Server Documentation Policy
Computer and Printer Naming Policy
IT Steering Committee Policy
Change Management Policy
Communication Policy
IT Organizational Policy
IT Human Resource Policy
EfficiencyLabor (Coordination)Asset Control Policy
Software Tracking Policy
Technology Planning Policy
Configuration Management Policy
IT Human Resource Policy
Internal Controls Policy
EfficiencyLabor Skills (improvement)Computer Training Policy
IT Human Resource Policy
EfficiencyTools (Software availability)IT Steering Committee Policy
Acquisition and Maintenance Policy
Contracting Policy
Supplier Policy
LegalBusiness ProcessesExternal Requirements Policy
LegalDataExternal Requirements Policy
LegalProperty RightsIntellectual Property Rights Policy
External Requirements Policy
LegalLabor (Staff)IT Acceptable Use
Code of Ethics Policy
External Requirements Policy
LegalTools (Software Licensing)Software Tracking Policy
Software Licensing Policy
External Requirements Policy
LegalServicesExternal Requirements Policy
ReliabilityAuditing Policy
ReliabilityBusiness Processes(Disaster Recovery)Disaster Recovery Policy
Business Continuity Policy
Emergency Access Policy
Service Reliability and Continuity Policy
ReliabilityBusiness Processes (Protection)Internal Controls Policy
ReliabilityBusiness Processes (Risk Mitigation)Insurance Purchase Policy
ReliabilityDataBackup and Recovery Policy
Disaster Recovery Policy
IT Steering Committee Policy
Business Continuity Policy
ReliabilityEquipmentIT Acceptable Use
IT Equipment Purchase and Failure Prevention Policy
Server Monitoring Policy
Audit Trail Policy
Disaster Recovery Policy
IT Steering Committee Policy
Business Continuity Policy
Technology and System Management Policy
Preventative Maintenance Policy
Technology Planning Policy
Acquisition and Maintenance Policy
Contracting Policy
Supplier Policy
Configuration Management Policy
ReliabilityEquipment (Server)Network and Server Scanning Policy
Internal Controls Policy
ReliabilityNetworkNetwork Documentation Policy
Telecommunications Communication Policy
IP Address Assignment Policy
Disaster Recovery Policy
Business Continuity Policy
ReliabilityServicesIT Equipment Purchase and Failure Prevention Policy
Server Documentation Policy
Certification and Accreditation Policy
Disaster Recovery Policy
Change Management Policy
Business Continuity Policy
Technology and System Management Policy
Technology Planning Policy
Acquisition and Maintenance Policy
Contracting Policy
Supplier Policy
Configuration Management Policy
Emergency Access Policy
Service Level Policy
Service Monitoring Policy
Internal Controls Policy
ReliabilityFacilitiesSupplier Policy
Contracting Policy
SecurityAuditing Policy
SecurityLaborPassword Policy
Remote Access Policy
Computer Training Policy
IT Acceptable Use,User Privilege Policy
Account Management Policy
Employee Termination Policy
Browser Configuration Policy
Employee Background Screening Policy
Code of Ethics Policy
Approved Application Policy
Surf Control Policy
Computer Forensics Policy
Workstation Configuration Policy
Email Policy
Incident Response Policy
Intrusion Detection Policy
Third Party Identity Policy
Extranet Policy
IT Steering Committee Policy
Segregation of Duties Policy
Third party IT Service Policy
SecurityDataRemote Access Policy,Computer Training Policy
Privacy and Confidentiality Policy
Code of Ethics Policy
Approved Application Policy
Wireless Communication Policy
Perimeter Security Policy
Internet DMZ Equipment Policy
Router Security Policy
Asset Control Policy
Equipment and Media Disposal Policy
Mobile Computer Policy and Mobile Device Policy
Virus Protection Policy
Patch Management Policy
System Lockdown Policy
Computer Forensics Policy
Server Security Policy
Workstation Configuration Policy
Email Policy
Certification and Accreditation Policy
Data Classification Policy, Information Sensitivity Policy
Risk Assessment Policy
Database Passwords Policy
Encryption Policy
Application Implementation Policy
Incident Response Policy
Intrusion Detection Policy
Third Party Identity Policy
Extranet Policy
IT Steering Committee Policy
Third party IT Service Policy
SecurityEquipmentAsset Control Policy
Mobile Computer Policy and Mobile Device Policy
Virus Protection Policy
Patch Management Policy
System Lockdown Policy
Server Documentation Policy
Authentication Mechanism Policy
Computer Center Operations Policy
Server Security Policy
Server Security Policy
Workstation Configuration Policy
Email Policy
Certification and Accreditation Policy
Risk Assessment Policy
Application Implementation Policy
Incident Response Policy
Intrusion Detection Policy
Third Party Identity Policy
Extranet Policy
IT Steering Committee Policy
Third party IT Service Policy
Technology Planning Policy
Acquisition and Maintenance Policy
Contracting Policy
Supplier Policy
Configuration Management Policy
Internal Controls Policy
SecurityEquipment (Network)Remote Access Policy
Computer Training Policy
Code of Ethics Policy
Internet Connection Policy
Approved Application Policy
Wireless Communication Policy
Network Documentation Policy
Perimeter Security Policy
Internet DMZ Equipment Policy
Router Security Policy
Telecommunications Communication Policy
Mobile Computer Policy and Mobile Device Policy
IP Address Assignment Policy
Server Security Policy
Incident Response Policy
Intrusion Detection Policy
Extranet Policy
SecurityServerNetwork and Server Scanning Policy
Incident Response Policy
Intrusion Detection Policy
SecurityFacilities (Physical)Computer Center Operations Policy
Incident Response Policy, Intrusion Detection Policy
Physical Security Policy
SecurityServicesSystem Availability Policy
Server Setup and Configuration Policy
Risk Assessment Policy
Application Implementation Policy
Incident Response Policy
Intrusion Detection Policy
Technology Planning Policy
Acquisition and Maintenance Policy
Contracting Policy
Supplier Policy
Configuration Management Policy
Emergency Access Policy
Internal Controls Policy
StabilityEquipment (Network)Service Reliability and Continuity Policy
QualityDataApplication Implementation Policy
QualityBusiness ProcessesQuality Policy
QualityEquipment/SoftwareApplication Implementation Policy
Third party IT Service Policy
Development Life Cycle Policy
Technology and System Management Policy
Acquisition and Maintenance Policy
Contracting Policy
Supplier Policy
Configuration Management Policy, Quality Policy
QualityServicesApplication Implementation Policy, Third Party Identity Policy
Change Management Policy
Third party IT Service Policy
Development Life Cycle Policy
Technology and System Management Policy
Acquisition and Maintenance Policy, Contracting Policy
Supplier Policy, Configuration Management Policy
Customer Support Policy
Service Level Policy
Service Monitoring Policy
Service Reliability and Continuity Policy
Service Quality Policy
Quality Policy
QualitySoftware developmentApplication Implementation Policy
Third party IT Service Policy
Software Standards Policy
Development Life Cycle Policy

Efficiency/Reliability - Coordination (notification of downtime)

Communication can provide efficiency, reliability, or stability

Lead to

  • profits
  • stability