• No results found

Network Resource Management Policy

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Network Resource Management Policy"

Copied!
8
0
0

Loading.... (view fulltext now)

Download now ( 8 Page )

Full text

(1)

Office of the Prime Minister

Policy document

CIMU P0036:2003

Version: 1.0

Effective date: 10.12.2003

Network Resource Management Policy

1.

Policy statement

i) General

Information and Communications Technology (ICT) resources forming part of the Malta Government Network (MAGNET) are provided for Government of Malta (Government) business use and hence are deemed to be the property of Government.

Government seeks to reduce total cost of ownership, improve quality, whilst minimising security risks in support of its ICT resources forming part of the MAGNET; through automated means. Such a concept shall be termed as Network Resource Management (NRM) and shall form part of a wider Enterprise Management Architecture (EMA) Model. In support of the above concept, NRM tool(s) shall be adopted within the Public Service. They shall de facto serve as the means of providing operational support to such ICT resources.

The NRM tool(s) shall be regulated by CIMU. Upon consent from CIMU, the NRM tool(s) shall be :

ο implemented by the Agent(s);

(2)

technical skills capacity falling under the respective Permanent Secretary's responsibility;

ο maintained by the Agent(s).

In support of the above operational framework, related requests for services or incidents shall be passed through a centralised Service Call Centre, as directed by CIMU.

ii) Implementation

The target population for implementation of the Policy and its supporting documents are: (i) Public Service (ii) Agent(s) and (iii) Third Parties that may be contracted to implement and/or operate and/or maintain the NRM tool(s).

Implementation shall be within the context of (i) defined corporate strategic design for Network Resource Management in the Public Service (ii) defined service levels (iii) the Information Security Framework (in process), (v) a defined Architecture, subject to each Public Service Entity's connectivity needs, (vi) Convention on Cyber Crime ETS No. 185 (signed by Government on 17.01.2003 but still to be ratified) and (vii) Laws of Malta and regulations by statutory bodies.

Implementation shall be backed by (i) internal audits and (ii) compliance checks. iii) Policy violations

Abuse or misuse in NRM in terms of the Data Protection Act, the Computer misuse provisions of the Criminal Code and this Policy and its supporting documents shall be treated as an offence.

CIMU reserves the right of withdrawing its consent for any NRM activity by the Agent(s) and/or Permanent Secretaries and/or take any other appropriate measures should any breach of Policy be discovered at any point in time.

2.

Purpose

The objective of this Policy is to promote the use of NRM tool(s) within the Public Service

3.

Who should know this Policy

Knowledge of this Policy shall extend to the following:

ο Chief Information Management Officer

(CIMO) ο

Information Management Officers (IMOs)

ο CIMU Communications Executive ο Head of Agent(s)

ο Heads of Public Service entities ο Users of ICT resources

(3)

4.

Scope of applicability

The provisions of this document apply to the use of NRM tools within the Public Service on the ICT resources, excluding servers, that form part of the MAGNET.

NRM is the lowermost layer of a wider Enterprise Management Architecture (EMA) Model for Government. This document, along with its supporting documents, is intended to specifically cover this layer of the EMA Model. However in the absence of similar documents that specifically address the other layers of this Model, this document along with its supporting documents may, where necessary, address items that fall under the other layers. Such items shall be migrated to the appropriate similar documents, once such documents are in place.

5.

Definitions

Agent – a trusted organisation that has the mandate by Government to provide Information and Communications services.

Compliance - the process performed by CIMU or an independent body to check that a service provided satisfies the criteria set in a referenced document.

Computer desktop - a personal computer designed to fit comfortably on top of a desk. Computer network – a network of data-processing nodes that are interconnected for the purposes of data communication.

Conformance - the correspondence by a service to the criteria set in a referenced document.

Design – the act of formulating the Strategic Design for NRM as explained in further detail in the Standards for this Policy.

Enterprise Management Architecture (EMA) Model – refers to the IT Infrastructure Library (ITIL) model for IT Service Management (ITSM) as proposed for implementation of the Enterprise Management System

Format - a specific pre-established arrangement or organisation of data.

File header – A field that precedes the main file content and describes the length of the content and/or other characteristics of the file.

Implement – the act of deploying the necessary backend, frontend and control systems that form an integral part of the NRM tools.

Information and Communications Technology (ICT) resource – any element of a computer, data communications and peripheral data processing equipment and/or software needed to perform required operations.

Maintain – the act of ensuring that the NRM tools deployed and in use are kept in good working order according to the design characteristics.

(4)

Operate - the act of using the facilities on offer by the NRM tools deployed, normally via a special user interface.

Outsourcing – the act of hiring an outside source for acquiring services and an alternative delivery mechanism or resourcing alternative.

Public Service entity – a Government Ministry or Department.

Regulate - refers to the setting of the strategic direction for Enterprise Management Architecture (that includes NRM) within the Public Service. It also implies the need to ensure that the necessary governance mechanisms are in place and are functioning well.

Service Level Agreement (SLA) - a contractual obligation between parties, which stipulates and commits the service provider to a required level of service.

Third Party – someone other than the principals directly involved in a transaction or agreement.

6.

Roles and responsibilities

For the purpose of this Policy, the following roles and responsibilities have been identified:

Role Responsibility

1. Chief Information Management Officer (CIMO)

i. To maintain this Policy and its supporting documents.

ii. To audit for compliance.

iii. To regulate the use of NRM tools within the Public Service.

iv. To identify Agent(s)

v. To manage Service Level Agreement(s) (SLA) established with the Agent(s). 2. CIMU Communications

(5)

3. Head of Agent i. To establish, endorse, and maintain a corporate strategic design for NRM within the Public Service.

ii. To operate NRM tools in confomance to this Policy and its supporting documents. iii. To implement NRM tools in confomance to this Policy and its supporting documents.

iv. To maintain NRM tools in conformance to this Policy and its supporting documents. v. To assume responsibility for any

outsourcing of the related activities to Third Parties.

vi. To establish, conform to and maintain related Service Level Agreement (SLA) with CIMU.

vii. To participate in and/or contribute to any compliance checks as conducted by CIMU.

4. Head of Public Service

Entity i. To adopt NRM, within the Public Serviceentity according to this Policy and its supporting documents.

ii. To ensure conformance of the Public Service entity according to this Policy and its supporting documents.

(6)

5. Permanent Secretary i. To engage the IMO to operate NRM tool (s) within Public Service entity in conformance to this Policy and its supporting documents.

ii. To present a business case to CIMU, clearly indicating present technical skills capability to be able to operate the NRM tool(s) within Public Service entity(s) for which he/she is responsible; should he/she request consent from CIMU to undertake this activity, within the parameters prescribed herein.

iii. To establish, conform to and maintain a Quality Charter for operations of the NRM tool(s) within Public Service entity (s) for which he/she is responsible; should he/she be granted consent to undertake this activity, within the parameters prescribed herein.

iv. To participate in and/or contribute to any compliance checks as conducted by CIMU.

6. Users of ICT resources i. To conform to this Policy and its supporting documents.

7. IMO i. To operate NRM tool(s) within PublicService entity in conformance to this Policy and its supporting documents, upon being delegated authority from the respective Permanent Secretary

ii. To assist the Permanent Secretary and the Head of the Public Service Entity, subject to this Policy and its supporting documents.

7.

Supporting Documents

In support of this Policy, the following Standard and Directives shall be issued: 01.CIMU S0036:2003 Network Resource Management Standard 02.CIMU D0036:2003 Network Resource Management Directive

(7)

8.

References

01. Information Security Framework (in preparation) 02.CIMU P 0016:2003 Information Security Policy http://www.cimu.gov.mt

03.CIMU P 0015:2002 Password Policy http://www.cimu.gov.mt

04.CIMU P 0011:2002 Connectivity to MAGNET Policy http://www.cimu.gov.mt

05.CIMU P 0010:2002 Electronic mail and Internet Services Policy http://www.cimu.gov.mt

06.CIMU S 0001: 2003 Office Automation Hardware Standards http://www.cimu.gov.mt

07.CIMU S 0002: 2003 Office Automation Software Standards http://www.cimu.gov.mt

08.Computer Misuse Handbook for the Public Service http://www.cimu.gov.mt

08.Desktop Support Services Handbook http://www.cimu.gov.mt

09.Data Protection Act- Chapter 440 http://www.justice.gov.mt

010.Article 337 of the Criminal Code – Chapter 09 http://www.justice.gov.mt

011.Convention on Cyber Crime ETS No. 185 http://conventions.coe.int

012.Code of Ethics for Employees in the Public Sector -

Cabinet Office – Office of the Prime Minister Malta – October 1994

9.

Modification history

Version Date Changes

(8)

10.

Maintenance and review cycle

Maintenance and review of this policy is set for six months after the initial release as indicated in the effective date. Subsequent maintenance to this policy shall be based on a twelve month cycle.

Signature and stamp

Joseph R Grima

References

Download now ( PDF - 8 Page - 145.88 KB )

Related documents

Planning City Green Space Locations For Public Access: A Capacitated Location-Allocation Modeling Approach

improved if the street network is further refined, which will make the network distance estimate much closer to real travel distance. On the other hand, Euclidean distance is

Racism in the Post-colonial Society: a Critical Discourse Analysis to Jacqueline Woodson\u27s Novels

[r]

Arbitrage and asymmetric information

A similar procedure, where ”future arbitrage sets”, defined as sets on which a future arbitrage opportunity yields a strictly positive payoff for the agent, are successively

The interface between traditional leadership in shared rural local governance

This Act makes provision to phase in traditional leaders as part of local government by recognizing traditional “leadership, traditional institutions and communities, through

Endogenous Growth, the Distribution of Wealth, and Optimal Policy under Incomplete Markets and Idiosyncratic Risk

We now proceed with quantifying the macroeconomic effects of a mean preserving spread in shocks to labor efficiency. The results from our numerical simulations are summarized in

Report on company feedback from the French national environmental labelling pilot

To overcome a lack of expertise and methodology available during the trial and to thus avoid a large part of the costs incurred by the companies, a technical and robust

Cloud Computing: Transforming IT

Cloud Computing: Transforming IT 19 Hardware Infrastructure as a Service Software Infrastructure as a Service Platform as a Service Software as a Service Example. Google Apps, on-line

Introduction to Virtualization

Business Agility Business Policies On-Demand Service Oriented Virtualization Storage resource Network resource Computing resources Application System