Export (0) Print
Expand All

Process 3: Validate Policy

Published: April 25, 2008

 


Figure 5. Validate policy

Activities: Validate Policy

In this process, policies must be validated with all stakeholders of the business. Because an organization’s policies may have serious legal implications, validation requires careful attention to detail. The following table lists the activities involved in this process. These activities include:

  • Performing policy review.
  • Reviewing comments and revising policies.
  • Managing policy configuration.

Table 6. Activities and Considerations for Validating Policies

Activities

Considerations

Perform policy review

Key questions:

  • Are these policies easy to understand?
  • Do these policies correctly convey the vision and goals of the business?
  • Do the policies enforce what you want enforced? Are they effective?
  • Are these policies in conflict with any vision and goals of your department or area of responsibility?
  • Will the structure of these policies last for at least two years?

Inputs:

  • Policy review package
  • Vision and goal statements of the business
  • Business continuity plan

Outputs:

  • Reviewed policies with comments

Best practices:

  • Before sending policies out for review, make sure they’re ready for the reviewers to see.
  • Establish focus areas for each reviewer or group of reviewers.
  • Make sure that policies remain relatively static over time; procedures may change more frequently to reflect modifications to processes, technologies, and organizations.

Review comments and revise policies

Key questions:

  • Are the comments sufficiently valid to warrant a policy change?

Inputs:

  • Policy review package with reviewer comments

Outputs:

  • Revised policies

Best practices:

  • Prior to the review, decide whose input you absolutely need and whose is optional. Additionally, determine the criteria regarding when an entire team must be involved in a review.
  • Establish criteria about what types of issues are important enough to change.

Manage policy configuration

Note:  Policies should be managed through your organization’s change control process.

Key questions:

  • Are these policies under change control?
  • What is the maintenance and review process to be used?

Inputs:

  • Reviewed and approved policies

Outputs:

  • Completed and controlled policies

Best practices

This accelerator is part of a larger series of tools and guidance from Solution Accelerators.

Download

Get the Microsoft Operations Framework 4.0

Solution Accelerators Notifications

Sign up to learn about updates and new releases

Feedback

Send us your comments or suggestions

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft