March 2, 1998
Good Management Requires Spending Time On Intranet PoliciesBy Steven L. Telleen
Q:Our company is implementing an intranet. Do you have any suggestions on setting up policies for intranet content?
Advisor:The intent of all intranet policies should be to enable productive activity.
The purpose of an intranet, after all, is to facilitate communication among employees, customers, and partners. Because it provides such breadth and immediacy of information exchange, and simultaneously supports many different functions, it is important to have common "rules of the road" to make everyone's experience pleasant, convenient, and efficient.
When publishing information on an intranet, a company should address several concerns:
Usage: Usage policies are generally "owned" by the human resources department as an extension of existing behavior policies. They apply to everyone, and often cover Internet as well as intranet use. Companies should recognize that e-mail and discussion forums make everyone a publisher of sorts, even if they do not put up pages, and these situations may require corporate direction.
Usage policies often include stances on appropriate access and use of the intranet resource, anti-harassment positions, and the use of disclaimers with personal statements in e-mails and other online interactions.
Security: Most organizations have content vital to their existence that needs to be protected from destruction, theft, and inappropriate disclosure. All users should understand these risks and the policies in place to reduce them.
Most organizations have already defined corporate access levels, such as internal, confidential, and restricted. These should be extended in a consistent way and included on all intranet pages aimed at a restricted audience. Security policies apply to contractors and temporary employees, in addition to regular employees. An organization should also be careful to address its responsibilities for protecting content owned by partners, customers, and other business associates. Finally, there should be policies defining how access protection is handled upon termination of employment.
Legal: Legal policies are intended to help employees both benefit from, and meet, corporate obligations. Some of the policies are necessary to establish and protect corporate and employee rights. Some are policies that protect the rights of others and, by following them, protect the employee and the corporation from possible liability and sanctions.
Legal policies apply to all parties who publish and to those who copy or republish, in any form, Internet material belonging to others. Legal policies usually include positions on acceptable content, copyright, and trademark protection, as well as specific disclosures or acknowledgments required by the organization.
Publishing: Publishing policies should help those who publish on the intranet coordinate the content to produce a friendly, easy-to-use environment for information users, without imposing a rigid structure or central review process. It is useful to distinguish among policies that apply to all content, formal content, project content, and personal content. Publishing policies generally are owned by a company's Web council or Web steering committee.
As a final note: A policy statement should be as brief and as clear as possible. It should state why the policy exists, what the specific statutes are, to whom they apply, and how they will be administered (as in responsibility, monitoring, sanctions, and grievances).
In a good intranet structure, each set of policies is maintained by the organization responsible for creating or coordinating it. Virtual centralization, through links on a policy page, then makes employee access to corporate policies easy and efficient-just as an intranet should be.