Maine State Government

Dept. of Administrative & Financial Services

Office of Information Technology

Procedure for Issuing Directives

I. Statement

Directives are issued for expediting operationally based processes, technical changes and implementing security controls.

II. Purpose

The purpose of this procedure is to create a uniform format for directives and institute a document repository for future reference and records management.

III. Applicability

This procedure is intended to manage directives which

1. Require staff to implement a new, or modify an existing, technical process.

2. Require staff execute security controls, expedited outside the policy process, in the same manner as they would adhere to a policy.

3. Mandate a change in internal OIT business procedure.

4. May either be very detailed in execution or have a generalized focus to allow managers the authority to execute the necessary means to achieve the directive.

5. Contain instructions or information of a technical nature that cannot be satisfactorily distributed as revisions or changes to policies, standards, or procedures.

IV. Responsibilities

A. Directors are responsible for issuing directives.

B. Managers are responsible for assuring staff adheres to directives.

V. Guidelines & Procedures

A. Mangers or staff may be responsible for creating a directive, but directors must issue the directive.

B. Format for directives:

1. From:
Subject: See C., below
Issued:
Background:
Actions:
Responsible Parties:
Effective Date:
Review/Expiration/Renewal Date:
Approved By:

C. Subject: The subject of the directive should be preceded with an identifier for the respective OIT service area issuing the directive. Identifiers take the following format: (acronym for service area-yearD.number of directive) example; a security directive

Subject: (EISD-2008.01), Enterprise Information Security Directive, year 2008, 1^st directive issued by Enterprise Security.

*Acronym*	*OIT Service Area*
CTS	Core Technology Services
CT	Client Technologies
CTLU	Core Technology Liaison Unit
EAS	Enterprise Application Services
EIS	Enterprise Information Security
EOM	Enterprise Operations and Monitoring
GIS	Geographic Information Systems
NS	Network Services
PMA	Performance Management and Administration
PMO	Project Management Office
PS	Production Services

D. Document Management: Directors are responsible for distributing and storing directives in a manner that facilitates staff awareness and retains documents for future reference. Documents will be posted to the intranet.

VI. References N/A

VII. Document Information

1. Document Reference Number: 30

2. Category: General/Governance

3. Adoption Date: September 9, 2008

4. Effective Date: September 9, 2008

5. Review Date: September 9, 2009

6. Point of Contact: Office of the CIO .

7. Approved By: Greg McNeal, Chief Technology Officer, State House Station 145, Augusta, ME 04333-0145, (207) 624-9471

8. Position Title(s) or Agency Responsible for Enforcement: OIT Directors.

9. Legal Citation: 5 MRSA, Chapter 163, Section 1973, paragraphs B and D, read in part: [The Chief Information Officer shall] "Set policies and standards for the implementation and use of information and telecommunications technologies" and "Identify and implement information technology best business practices and project management".

10. Waiver Process: N/A.

Maine State Government

Dept. of Administrative & Financial Services

Office of Information Technology

Procedure for Issuing Directives

I. Statement

II. Purpose

III. Applicability

This procedure is intended to manage directives which

1. Require staff to implement a new, or modify an existing, technical process.

2. Require staff execute security controls, expedited outside the policy process, in the same manner as they would adhere to a policy.

3. Mandate a change in internal OIT business procedure.

4. May either be very detailed in execution or have a generalized focus to allow managers the authority to execute the necessary means to achieve the directive.

5. Contain instructions or information of a technical nature that cannot be satisfactorily distributed as revisions or changes to policies, standards, or procedures.

IV. Responsibilities

A. Directors are responsible for issuing directives.

B. Managers are responsible for assuring staff adheres to directives.

V. Guidelines & Procedures

A. Mangers or staff may be responsible for creating a directive, but directors must issue the directive.

B. Format for directives:

1. From: Subject: See C., below Issued: Background: Actions: Responsible Parties: Effective Date: Review/Expiration/Renewal Date: Approved By:

C. Subject: The subject of the directive should be preceded with an identifier for the respective OIT service area issuing the directive. Identifiers take the following format: (acronym for service area-yearD.number of directive) example; a security directive

Acronym

OIT Service Area

CTS

Core Technology Services

CT

Client Technologies

CTLU

Core Technology Liaison Unit

EAS

Enterprise Application Services

EIS

Enterprise Information Security

EOM

Enterprise Operations and Monitoring

GIS

Geographic Information Systems

NS

Network Services

PMA

Performance Management and Administration

PMO

Project Management Office

PS

Production Services

D. Document Management: Directors are responsible for distributing and storing directives in a manner that facilitates staff awareness and retains documents for future reference. Documents will be posted to the intranet.

VI. References N/A

VII. Document Information

1. From:
Subject: See C., below
Issued:
Background:
Actions:
Responsible Parties:
Effective Date:
Review/Expiration/Renewal Date:
Approved By: