Contact us:
KCIT
Chinook Building
401 Fifth Ave.
Seattle, WA 98104

Phone: 206-263-7997
Fax: 206-296-6511

Countywide IT Governance Policies, Standards, and Guidelines

The purpose of the information technology governance process and OIRM countywide programs is to develop and promote standards, policies, guidelines and methodologies for privacy, security, project management, application development, wireless, messaging, remote access, outside contractors, and disaster recovery. The following definitions provide the distinction between policies, standards, methods and guidelines:

Policy: Set of countywide organizational rules and practices that regulate how an organization manages, protects and uses its information system assets and data. These are required and must be complied with. Any exceptions to these must be documented, reviewed and approved. Policies are reviewed periodically and revised based on business operation changes.

Standard: Rules indicating how and what kind of software, hardware, databases, and business processes must be implemented, used and maintained to meet policy objectives. Standards are required and must be complied with. Any exceptions to these must be documented, reviewed and approved. Standards are based in part on technology and as technology changes, standards may need to be updated.

Method: A means or manner of procedure that indicates a regular and systematic way of accomplishing a business process or procedure. Methods will be updated as business processes change.

Guideline: Recommended actions and/or industry best practices that should be used to guide King County practices by users, IT staff and others. Guidelines are not compulsory. Guidelines are based largely on the technologies used therefore guidelines may change frequently as technology changes.

Policy, Standard, Method, & Guideline Overview

IT Governance approved countywide IT policies, standards, methods and guidelines

Policies:

Acceptable Use of IT Assets

ITG-P-08-02-01 5/25/11
ITG-G-08-01-01 12/15/08
ITG-P-08-03-01 12/15/08
ITG-G-08-02-01 12/15/08

12/15/08
Enterprise Information Security Policy

ITG-P-05-03-02

 09/09/09
King County IT Business Continuity Policy

N/A

 01/25/05
Password Management Policy

ITG-P-05-02-02

 09/09/09
Privacy Policy

ITG-P-05-04-01

 06/09/10
06/09/10
10/30/07
06/16/06
10/30/07
10/30/07
10/30/07
10/30/07
06/05/06
10/30/07
10/30/07
Public Facing Domain and Sub Domain Policy

ITG-P-09-01-01

 02/25/09
Network Administration Policy

ITG-P-07-05-01

 10/3/07
Network Infrastructure Policy

ITG-P-06-03-02

 06/17/09
Vulnerability Assessment and Management Policy

ITG-P-06-04-01

 11/1/07
External Network and Systems Connectivity Policy

ITG-P-07-01-01

 10/03/07
Network Service and Performance Policy

ITG-P-07-02-02

 06/17/09
Remote Access Policy

ITG-P-07-04-01

 10/03/07

Standards:

(for internal KC use)

Methods:

Cost Savings Opportunities from IT Efficiency Projects 09/06
IT Project Management Methodology 06/06

Guidelines:

Agency Technology Plans 01/05/06
IT Project Manager Assignment Guideline 08/25/09
Procedures for Managing a Security Breach Under the 'Personal Information - Notice of Security Breach' Law 10/01/07
Project Manager Guide to PRB Reviews 10/08
Project Review Board Governance Guide 06/08
Technology Qualifications Report Guidelines 02/11

Contact information:

IT Services Manager: Zlata Kauzlaric, zlata.kauzlaric@kingcounty.gov