March 2, 1998

Good Management Requires Spending Time On Intranet Policies

By Steven L. Telleen

Q:Our company is implementing an intranet. Do you have any suggestions on setting up policies for intranet content?

Advisor:The intent of all intranet policies should be to enable productive activity. 

The purpose of an intranet, after all, is to facilitate communication among employees, customers, and partners. Because it provides such breadth and immediacy of information exchange, and simultaneously supports many different functions, it is important to have common "rules of the road" to make everyone's experience pleasant, convenient, and efficient. 

When publishing information on an intranet, a company should address several concerns:

  • Protection from legal action
  • Protection from loss of valuable assets
  • Misrepresentation of the company or its positions
  • Protection from the offense or harassment of others
  • Ease of orientation and navigation.
The most basic-yet very often overlooked-part of an intranet policy is to make an explicit statement that all existing company policies on communication and behavior also apply to use of the intranet and the Internet. Beyond this, I suggest four major policy areas: Usage, Security, Legal, and Publishing. In most organizations, a different group would be responsible for formalizing the policies in each of these areas. 

Usage: Usage policies are generally "owned" by the human resources department as an extension of existing behavior policies. They apply to everyone, and often cover Internet as well as intranet use. Companies should recognize that e-mail and discussion forums make everyone a publisher of sorts, even if they do not put up pages, and these situations may require corporate direction. 

Usage policies often include stances on appropriate access and use of the intranet resource, anti-harassment positions, and the use of disclaimers with personal statements in e-mails and other online interactions. 

Security: Most organizations have content vital to their existence that needs to be protected from destruction, theft, and inappropriate disclosure. All users should understand these risks and the policies in place to reduce them. 

Most organizations have already defined corporate access levels, such as internal, confidential, and restricted. These should be extended in a consistent way and included on all intranet pages aimed at a restricted audience. Security policies apply to contractors and temporary employees, in addition to regular employees. An organization should also be careful to address its responsibilities for protecting content owned by partners, customers, and other business associates. Finally, there should be policies defining how access protection is handled upon termination of employment. 

Legal: Legal policies are intended to help employees both benefit from, and meet, corporate obligations. Some of the policies are necessary to establish and protect corporate and employee rights. Some are policies that protect the rights of others and, by following them, protect the employee and the corporation from possible liability and sanctions. 

Legal policies apply to all parties who publish and to those who copy or republish, in any form, Internet material belonging to others. Legal policies usually include positions on acceptable content, copyright, and trademark protection, as well as specific disclosures or acknowledgments required by the organization. 

Publishing: Publishing policies should help those who publish on the intranet coordinate the content to produce a friendly, easy-to-use environment for information users, without imposing a rigid structure or central review process. It is useful to distinguish among policies that apply to all content, formal content, project content, and personal content. Publishing policies generally are owned by a company's Web council or Web steering committee. 

As a final note: A policy statement should be as brief and as clear as possible. It should state why the policy exists, what the specific statutes are, to whom they apply, and how they will be administered (as in responsibility, monitoring, sanctions, and grievances). 

In a good intranet structure, each set of policies is maintained by the organization responsible for creating or coordinating it. Virtual centralization, through links on a policy page, then makes employee access to corporate policies easy and efficient-just as an intranet should be. 

Date: 19980302
Copyright 1998 Mecklermedia Corporation.
All Rights Reserved. Legal Notices.