Skip Maine state header navigation

Agencies | Online Services | Help

State Logo

Maine State Government

Dept. of Administrative & Financial Services

Office of Information Technology

Policy, Standard, or Procedure Creation Process

 

I. Statement

 

Establish standardized methods for adopting, formatting, reviewing and updating Information Technology (IT) policies, standards and procedures. (Abbreviated as: P/S/P).

 

II. Purpose

 

Define a procedure for drafting, vetting, and adopting Policies, Standards and Procedures pertaining to Information Technology and provide the preferred format to be used.

 

III. Applicability

 

This process applies to Information Technology policies, standards, and procedures.

 

IV. Responsibilities

 

Compliance - All staff engaged in operations, analysis or actions subject to a P/S/P are responsible for becoming familiar, and complying, with the contents of the P/S/P(s).  Supervisors are responsible for incorporating standard operating procedures to ensure their staffs are familiar with, and adhere to, the P/S/P affecting their program functions. 

 

V. Directives

A. The Approval and Revision Process for IT Policies, Standards, or Procedures:

1.    The Enterprise Architect accepts suggestions for new, or updates to existing, P/S/P.

2.    The Enterprise Architect works with the originator to assign a team of drafters and a lead facilitator.

3.    The drafting team prepares a draft P/S/P.

4.    The Enterprise Architect presents the draft P/S/P to the OIT Leadership.

5.    The drafting facilitator works with the drafting team to reconcile the OIT Leadership comments, and creates an updated draft.

6.    The Enterprise Architect presents the updated draft to the CIO for approval.

7.    The CIO either approves the draft as-is, or returns it to the Enterprise Architect for further revisions.

8.    The Enterprise Architect works with the drafting facilitator to accommodate the CIO’s revisions and presents it back to the CIO for approval.

B. The format to be used for IT Policies, Standards and Procedures is outlined below.

Content (a “Sample Copy” of the “Template” to be used is included as Attachment 1)

Heading 1 = Title of P/S/P

Indented on left margin from Heading 1, Heading 2 is Roman Numerals (I – VII)

Indented on left margin from Heading 2, Heading 3 is Capital Letters

Indented on left margin from Heading 3, Heading 4 is Numbers followed by a period

 Indented on left margin from Heading 4, Heading 5 a small letter followed by a period

Indented on left margin from Heading 5, Heading 6 a small letter enclosed in parentheses

C. Document Information (as appropriate) will be included for each policy, standard, and procedure as noted below:

Document Reference Number:   (assigned by OCIO)

Adoption Date:

Effective Date:

Review Date:

Point of Contact:

Approved by:

Position Title(s) or Agency Responsible for Enforcement:

Legal Citation:

Waiver Process:

 

VI. Definitions

1.      Chief Information Officer (CIO) - The term Chief Information Officer refers to the CIO, the chief administrative officer of the Office of Information Technology within the Department of Administrative and Financial Services.

2.      Policy - A policy is a statement of direction with respect to the planning and management of information technology approved by the Chief Information Officer of the State of Maine.

3.      Standard - A standard is a specific approach, solution, methodology, product, or protocol that must be adhered to for establishing uniformity.

4.      Standard Operating Procedure - The term Standard Operating Procedure (SOP) is the description of a prescribed method that must be used by Office of Information Technology staff to develop or review policies, standards, or procedures.  SOPs are not appropriate to describe procedures or requirements that apply to members of the public, other than persons acting as agents of, or under contract with, the Maine OIT.

 

VII. References

None

 

VIII. Document Information

Document Reference Number:     1

 

Adoption Date:     May 9, 2006

Effective Date:     May 9, 2006

Last Reviewed  Date:     January 15, 2013

Next Review Date:   January 15, 2015

 

Point of Contact:     Victor Chakravarty, Enterprise Architect, Office of Information Technology, State House Station #145, Augusta, ME 04333, (207) 624-9840.

 

Approved By:     James R. Smith, Chief Information Officer, State House Station #145, Augusta, ME 04333, (207) 624-9471.

 

Position Title(s) or Agency Responsible for Enforcement:  Victor Chakravarty, Enterprise Architect, Office of Information Technology, State House Station #145, Augusta, ME 04333, (207) 624-9840.

 

Legal Citation:  5 M.R.S.A. Chapter 163 Section 1973 paragraphs (1)B and (1)D, which read in part, “The Chief Information Officer shall:” “Set policies and standards for the implementation and use of information and telecommunications technologies…” and “Identify and implement information technology best business practices and project management.”

 

Waiver Process: See the Waiver Policy[1].

 

 


Attachment 1

 

This is a “Sample Copy: of the “Template” to be used for IT policies, standards, and procedures.

 

State Logo

Maine State Government

Dept. of Administrative & Financial Services

Office of Information Technology

 

Policy, Standard, or Procedure

I. Statement

II. Purpose

III. Applicability

IV. Responsibilities

V. Directives

VI. Definitions

1.       

VII. References

1.       

VIII. Document Information

Document Reference Number:

Adoption Date:

Effective Date:

Review Date:

Point of Contact:

Approved By:

Position Title(s) or Agency Responsible for Enforcement:

Legal Citation:

Waiver Process:



[1] http://maine.gov/oit/policies/waiver.htm