Setting limits in the office
Zatni Arbi, Contributor, Jakarta
The ePolicy Handbook: Designing and Implementing Effective E- Mail, Internet, and Software Policies; By Nancy L. Flynn; Amacom, American Management Association, 2001; 304 pp; $19.95
Is it possible for any business enterprise, nonprofit organization, government institution or individual to function efficiently today without the help of computers, e-mail and the Internet? We no longer think it is.
However, as more and more computer and Internet facilities are made available to employees, management is increasingly beset by the downside of information technology: abuse.
What is the management of a firm supposed to do with employees who use the company e-mail facilities to moonlight during office hours? What can be done about pirated software that employees have installed on their hard disks? Who should handle the problem of computer viruses caused by neglect on the part of the employees?
There must be thousands of companies, agencies and other organizations grappling with the question of how they should prepare e-policies which will let their employees know what they may and may not do with the facilities with which they are provided.
Nancy L. Flynn's The ePolicy Handbook is a truly helpful reference guide and a must for the desk of every chief information officer (CIO).
Flynn starts her discussion with an inventory of reasons why an organization needs clear policies to govern the use of e-mail, the Internet and computer software. The second part of the book deals with management issues.
The author then discusses steps for developing the right e- policy for an organization. Next, she takes an in-depth look at business writing, including the proper language to use in e-mails and the need to avoid offensive, racist or sexist terms. The implementation of an e-policy, is the main topic covered in the fifth part of the book.
Finally, as a properly thought-out and strictly enforced policy may still fail to eliminate all the risks, Flynn suggests various steps that can be taken to respond to e-crises, including some excellent tips on how to deal with reporters and the media.
The book covers a lot of ground and Flynn does a truly admirable job of juggling all these issues. Each chapter ends with a section containing a summary of pointers and an action plan. This is good news for CIOs whose hectic schedules preclude them from sitting down and reading the book cover to cover.
Those who can spend more time reading will appreciate Flynn's inclusion of a "Netiquette" primer, a manual for effective business writing, a guideline for formatting policy briefs and even a list of prepared answers for common questions employees ask regarding company e-policies.
Flynn also provides several samples of questionnaires that companies can use to glean information from their employees, including their concerns.
Toward the end of the book, Flynn also furnishes a list of e- policy dos and don'ts. And the appendices contain sample policies, a glossary, a list of resources and a list of materials for further reading.
In general, Flynn covers far more than just the basics of developing an e-policy to maximize the benefits of a company's IT resources and to limit its exposure to liabilities. And her language is simple and easy to understand despite the complexity of the issues she deals with.
One can spend two weeks or two nights reading this book and still find it very useful. And with Microsoft reportedly taking a tougher stance against software piracy in Indonesia, a well- disseminated company e-policy has certainly become more important than ever.