Information System Administration Center (ISAC)

IT Policy and guideline

May 2011
x 2003

MoFED /IT POLICY- VERSION 1


I. INTRODUCTION
II. OBJECTIVES
1. ICT USERS POLICY
1.1 OVERVIEW
1.2 POLICY
1.3 GUIDELINE
1.4 TERMINATION OF EMPLOYEES
2. HARDWARE & SOFTWARE PROCUREMENT SUPPORT POLICY
2.1 OVERVIEW
2.2 POLICY
2.3 GUIDELINE
3. HARDWARE POLICY
3.1 OVERVIEW
3.2 POLICY
3.3 GUIDELINES
3.3.1 HARDWARE MAINTENANCE
3.3.2 DISPOSAL OF HARDWARE
3.3.3 MOVEMENT OF ICT EQUIPMENT
4. OPERATING SYSTEM & BASIC APPLICATION SOFTWARE POLICY
4.1 OVERVIEW
4.2 POLICY
4.3 GUIDELINES
5. NETWORK POLICY
5.1 OVERVIEW
5.2 POLICY
5.3 GUIDELINES
5.4 WIRELESS NETWORK
5.5 REMOTE ACCESS
5.6 INTERNET
5.6.1 INTERNET ACCESS
5.6.2 ALLOWED INTERNET SERVICES
5.6.3 PROHIBITED INTERNET ACTIVITIES
5.6.4 WEBSITE EXEMPTION
5.7 VIDEO CONFERENCE SERVICE
6. MoFED WEB SITE POLICY
6.1 OVERVIEW
6.2 POLICY
6.3 GUIDELINES
6.3.1 RESPONSIBILITY
6.3.2 WEBSITE MANAGEMENT
6.3.3 WEB CONTENT
6.3.4 BILINGUAL (AMHARIC & ENGLISH) VERSION
6.3.5 ACCESSIBILITY and VISIBILITY
7. MOFED ELECTRONIC MAIL SERVICE POLICY
[MINISTRY OF FINANCE AND ECONOMY DEVELOPMENT ]

7.1 OVERVIEW
7.2 POLICY
7.3 GUIDELINES
7.3.1 ACCOUNT REQUEST FOR ELIGIBLE USERS
7.3.2 DISK SPACE QUOTA
7.3.3 ACCEPTABLE USES
7.3.4 CONFIDENTIALITY and MONITORING
7.3.5 MAIL BOUNCING
7.3.6 ACCOUNT DISABLING AND DELETION
8. SOFTWARE DEVELOPMENT POLICY
8.1 OVERVIEW
8.2 POLICY
8.3 GUIDELINES
8.4 THIRD PARTY SOFTWARE DEVELOPMENT (OUTSOURCING)
9. BACKUP POLICY
9.1 OVERVIEW
9.2 POLICY
9.3 GUIDELINES
10. SECURITY POLICY
10.1 OVERVIEW
10.2 POLICY
10.3 GUIDELINE
10.3.1 PHYSICAL SECURITY
10.3.2 NETWORK SECURITY
10.3.3 INTERNET SECURITY
10.3.4 ANTIVIRUS
10.3.5 WIRELESS ACCESS
10.3.6 INFORMATION SYSTEMS SECURITY
10.3.7 USER MANAGEMENT
10.3.8 ICT SECURITY INCIDENT MANAGEMENT
10.3.9 SECURITY AUDIT
10.3.10 ICT SYSTEMS USAGE
11. DATA CENTER POLICY
11.1 OVERVIEW
11.2 POLICY
11.3 GUIDELINES
11.4 DATA CENTER ACCESS
11.4.1 DATA CENTER TOURS / VISITORS
11.5 DATA CENTER ETIQUETTE
12. INTERNAL IT SUPPORT POLICY
12.1 OVERVIEW
12.2 POLICY
12.3 GUIDELINE

13. IBEX SUPPORT POLICY
13.1 OVERVIEW
13.2 POLICY
13.3 GUIDELINES
13.4 IBEX SUPPORT COMMUNICATION MODALITY
14. IT TRAINING POLICY
14.1 OVERVIEW
14.2 POLICY
14.3 GUIDELINES
14.3.1 REQUEST FOR IT TRAINING
14.3.2 TRAINING ROOM
14.3.3 TRAINERS
14.3.4 TRAINING CATEGORIES
15. ENFORCEMENT

ACRONYMS
AUP: Acceptable Use Policy
BI: Budgetary Institution(s)
IBEX: Integrated Budget & Expenditure System
IT: Information Technology
ISAC: Information System Administration Center
ICT: Information & Communication Technology
MoFED: Ministry of Finance & Economic Development
LAN: Local Area Network

DEFINITION OF TERMS
ACCESS POINT: - Electronic hardware that serves as a common connection point for devices in a
wireless network. An access point acts as a network hub that is used to connect segments of a LAN,
using transmit and receive antennas instead of ports for access by multiple users of the wireless
network.
ARCHIVE: - The saving of old or unused files onto magnetic tape or other offline mass storage
media for the purpose of releasing on-line storage room.
AUP: An Acceptable Use Policy, also sometimes acceptable usage policy or Fair Use Policy, is a set
of rules applied by the owner/manager of a network, website or large computer system that restrict
the ways in which the network site or system may be used. AUP documents are written for
corporations, businesses, universities, schools, internet service providers, and website owners often
to reduce the potential for legal action that may be taken by a user, and often with little prospect of
enforcement.
BACKUP: - Saving a copy of files onto mass storage media such as storage servers, hard disks or
CD/DVD for the purpose of preventing loss of data in the event of disaster or destruction.
DATABASE: - A file or file system containing organized information and, most commonly, a filing
and retrieval system for storing information. Most database software also includes tools for data
analysis. Examples of database software include Oracle, MS-SQL, MySQL, and Microsoft Access. In
MoFED the database servers include IBEX Database.
DISASTER: - Any event that might bring damage on the data storage medium. Disaster can be
natural or artificial, such as fire, thunder, flood, data deletion, system failure, medium failure, and
attack (from malicious scripts, viruses and others).
HARDWARE: - Hardware is a general term for the physical artifacts of a technology. It may also
mean the physical components of a computer system, in the form of computer hardware.
IT SUPPORT: - Is defined as responses to any queries made by end users to IT regarding failures,
problems, issues, questions, and other matters relating to the operation and continuity of MoFED's
PCs, laptops, printers, scanners, photocopiers and network infrastructure devices.
JUNK EMAIL: - E-mail spam, also known as junk e-mail, is a subset of spam that involves nearly
identical messages sent to numerous recipients by e-mail. A common synonym for spam is
Unsolicited Bulk E-mail (UBE). Definitions of spam usually include the aspects that email is
unsolicited and sent in bulk. "UCE" refers specifically to Unsolicited Commercial E-mail.
NETWORK: Computer systems and connecting devices connected together using
telecommunication for the purpose of communicating and sharing resources in MoFED compounds.
It comprises the two LANs that are connected in both compounds of MoFED.
SECURITY: - Computer security is a branch of technology known as information security as
applied to computers and networks. The objective of computer security includes protection of
information and property from theft, corruption, or natural disaster, while allowing the information
and property to remain accessible and productive to its intended users.
SERVER: - Computers that are designed to support and deliver a computer network that allows
users to share files, applications, software and hardware. In MoFED there are servers like file
servers, application servers, DNS servers, etc.
SPAM: - Unsolicited or undesired electronic messages; in particular e-mail spam, unsolicited or
undesired email messages.
SOFTWARE: - Computer software is often regarded as anything but hardware, meaning that the
"hard" parts are those that are tangible while the "soft" part is the intangible objects inside the
computer. Software encompasses an extremely wide array of products and technologies developed
using different techniques like programming languages, scripting languages, micro-code, etc.
USERS: - Any employee, consultant or guest in MoFED who uses a computer for office work. It
includes users of applications, database systems or the ICT infrastructure.
OFFICE APPLICATIONS SOFTWARE: - In computing, an office suite, sometimes called an
office software suite or productivity suite, is a collection of programs intended to be used by
knowledge workers. The currently dominant office suites are Microsoft Office, which is available for
Microsoft Windows and Apple Inc.'s Mac OS X, and OpenOffice.org, free software (open source
alternative) available for many operating systems.
OPERATING SYSTEM: - Software that controls a computer and acts as a layer between the
hardware and the applications and users. (e.g., Linux, Windows, Mac OS X, UNIX).
RESTORE: - The process of bringing offline storage data back from the offline media and putting
it on an online storage system such as a file server.
WIRELESS NETWORK: - Refers to any type of computer network that is wireless, and is
commonly associated with a telecommunications network whose interconnection between nodes is
implemented without the use of wires.


I. INTRODUCTION

Over the years, MoFED has developed policies, guidelines and procedures which govern its day-to-day operations. While some of these policies and guidelines have been written down and formally
approved; others, specifically IT related, represent an informal consensus among the ISAC and other
work processes.
As part of its action plan for FY 2011, the ISAC worked to consolidate and codify current operating
policies, guidelines and procedures into a formal IT policy and guideline manual. This manual
defines the services provided, and governs their use. The policy also sets appropriate expectations
regarding the use and administration of MoFED's IT Infrastructure and resources.
The policies and guidelines contained in this manual address issues of appropriate use, procurement,
software development, web site administration, network security, data retention, personal use,
internet & email, support services, training, etc. The manual will be reviewed annually to incorporate
changes in policy due to changes in technology.

II. OBJECTIVES

The broad objectives of the MoFED IT Policy are to:

Provide a framework that will enable ICT to contribute towards achieving MoFED goals.

Ensure that MoFED ICT infrastructure and capacity are utilized effectively and are compliant
with regional and international standards.

Establish a trusted and secure information infrastructure and a culture of cyber security at all
levels of MoFED society.

Enhance the exploitation of IT across MoFED for increased productivity and efficiency.

Transform MoFED into an information-based society where everyone has equitable and
affordable access to ICTs and uses ICT as a tool for its decisions.

Position the MoFED IT unit as an IT centre of excellence and knowledge hub for other public
bodies.


ICT USERS POLICY

OVERVIEW
The intent of this policy is to establish guidelines for USERS on how to use computer hardware,
software, printers, fax machines, e-mail, Internet and intranet access, collectively called IT
Infrastructure.
This policy outlines policies, general guidelines and best practices in the proper utilization of IT
equipment and access credentials.
POLICY

Users are responsible for understanding and applying MoFED IT policy.

Users of the computer system may not use the system for illegal or unlawful purposes,
including, but not limited to, copyright infringement, obscenity, libel, slander, fraud,
defamation, plagiarism, harassment, intimidation, forgery, impersonation, illegal gambling,
soliciting for illegal pyramid schemes, and computer tampering (e.g. spreading computer
viruses).

GUIDELINE
ISAC

Ensure proper utilization of ICT resources through training & help desk services.

Provide identity for users that could enable them to get access to ICT infrastructure in general
and to relevant applications, in particular.

Certify the handover of users' credentials upon termination of an employee.

Shall maintain up-to-date hardware inventory, including information like type of equipment,
owner, location and others.

USERS

Should not use MoFED ICT systems for personal business.

Should not install any Software and Hardware on their PC without consulting ISAC

Are not allowed to add or modify network connections and any configurations.


Should not use external speakers by any means

Not affect the identification codes of their machine by any means

Use their identity to get access to MoFED's ICT resources

Keep their identity properly; change their passwords regularly

Not pass their identity to a second party, including colleagues

No personal data files may be stored on the MoFED computer system or on individual
workstations.

Perform their operations through proper ICT equipment

Place their equipment in an appropriate position

Keep their equipment clean

Never put and/or use food or beverages near PCs

Keep all accessories, including driver and recovery CDs in a safe place

Will be given access to appropriate network printers. In some limited cases, users may be
given local printers if deemed necessary by ISAC.

Will be given, as much as possible, one desktop computer or laptop computer, not both. In
some limited cases, a user may be given both if deemed necessary by ISAC and
Departments.

Shall not in any way affect the proper utilization of shared resources, such as printers.

Will have the responsibility for the acceptable use of the hardware

Shall under no circumstances remove/replace parts of hardware.

Users are responsible for handling the IT equipment (PC, printer etc.) properly.

Expected to comply with MOFED IT policies and procedures to ensure the proper usage of
the MOFED Network Infrastructure.


TERMINATION OF EMPLOYEES
Upon termination of Employees:

Work processes shall notify ISAC of termination of employees in writing.

Upon transfer/return of equipment, user data should be completely removed from the PC
using appropriate tools/methods.

Data belonging to MoFED shall be transferred to the appropriate person.

ISAC shall disable and then delete user accounts belonging to terminated/resigned users.

Data stored on equipment belonging to terminated users shall be removed in an appropriate
manner.

On resignation or termination of employment, users should hand over all the equipment
(including CDs) and credentials to the relevant bodies. This should be considered as part of
the clearance procedure.


HARDWARE & SOFTWARE PROCUREMENT SUPPORT POLICY

OVERVIEW
This policy establishes guidelines for the procurement of all computing and communication
hardware and software in order to maximize MoFED's investment in Information Technology (IT),
select appropriate technology and make trade-offs between cost and quality of technology.
POLICY

To take advantage of ICT tools in the most cost-effective manner, ISAC will standardize a
series of hardware and software products that integrate easily with MoFED's IT
infrastructure, maintain and make available an up-to-date list of supported hardware and
software together with technical specification.

While the acquisition of standard products is encouraged, some core/support processes have
a need for special equipment or software which may not be included in the list of supported
products. ISAC will consult with them to select the most appropriate equipment and to work
out an agreement for continued support.

All procured software should be licensed, genuine and as much as possible shall meet the
standard set by ISAC.

GUIDELINE
II.3.1. Responsibility of ISAC

Accept IT related equipment and software purchase request from all MoFED work processes
formally.

Decide on the appropriateness of request for purchase based on certain factors; not all
procurement requests may be approved.

Be responsible for supporting the finance & procurement sub process for procuring quality
ICT equipment and software.

Propose the procurement of ICT equipment based on regular assessment

Prepare specification and revise it every two months based on relevant parameters such as
latest technology, cost, availability, support, warranty etc.

Perform technical evaluation of ICT equipment and software procurement bids

Respond to any technical complaints/suggestions that might be raised from suppliers.


Confirm that equipment conforms to specification upon delivery.

Approve that all ICT related hardware procured is brand new and not reconditioned or
refurbished.

Install and configure the equipment.

II.3.2. Responsibility of Finance & procurement process /Channel One Program

Consult the ISAC for any technical assistance related to the procurement of ICT related
equipment and software.

Deal with the supplier based on ISAC report if there is any problem on the equipment during
the warranty period.

Not make any payment for IT service (Hardware, software or Training) acquired from a third
party unless certified and approved by ISAC.

II.3.3. Responsibility of the property administration sub process

Formally communicate with ISAC on the acquisition of IT equipment, be it from local
purchase, donation or otherwise.


HARDWARE POLICY

OVERVIEW
As users of MoFED are increasing from time to time, the procurement of IT equipment and
software systems is increasing. In addition, some of the items to be purchased require high
investment. This policy establishes guidelines for the deployment and use of hardware in MoFED.
POLICY
ISAC shall be responsible for the hardware maintenance, movement of ICT equipment and disposal
of hardware. In addition, when equipment fails to function as a whole, certain parts should be moved
to be used for upgrading or replacing faulty parts, i.e., cannibalization of hardware will be done.

GUIDELINES

3.1.1 HARDWARE MAINTENANCE

Repairs/maintenances or upgrades of all ICT related hardware shall be carried out by ISAC.

Outsourcing of hardware maintenance shall be done with the approval of ISAC.

ISAC shall sign an agreement when equipment is maintained off site.

Parts from non-functioning equipment shall be used to upgrade or replace faulty equipment.

Record of cannibalized parts should be maintained.

ISAC shall keep a stock for such items as RAM, hard disk, etc. as spare parts, and budget
should be allocated for such items.

In order to keep durability of hardware, preventive maintenance will be done based on the
supplier's manual.

In order to satisfy MoFED hardware maintenance need, ISAC shall be equipped with a
well-organized workshop.

ISAC is responsible for regularly checking UPS equipment and generators to ensure
they have adequate capacity and are tested in accordance with the manufacturer's recommendations.

An appropriate control schedule is set for equipment maintenance.


3.1.2 DISPOSAL OF HARDWARE:

Hardware should be disposed of when it is below the standard of MoFED, non-functional,
or cannot be upgraded.

ISAC shall determine the obsolescence of equipment annually and propose its disposal.

The disposal of equipment will only be performed by the concerned body in collaboration with
ISAC.

ISAC shall have sole responsibility for cannibalizing the hardware that cannot be sold and
can no longer be used in whole, but has useful components

3.1.3 MOVEMENT OF ICT EQUIPMENT

In order to prevent damage to ICT related equipment, the computer network and user's data
by improper transportation techniques, arrangements must be made with ISAC before any
ICT related equipment is moved from its place of installation to another place.

Equipment, information or software should not be taken off-site without authorization.

Employees, contractors and third party users who have authority to permit off-site movement
of assets should be clearly identified.


OPERATING SYSTEM & BASIC APPLICATION SOFTWARE POLICY

OVERVIEW
This section is intended to describe the policy & guidelines for the standardization and usage of
operating system, application software and different software for servers and workstations.
POLICY

ISAC shall regularly standardize operating systems and any end user application software to be
used in the Ministry. All procured software should be licensed and genuine.

GUIDELINES

Users are not permitted to install any unauthorized software on their computers, servers and on
any IT equipment connected to MoFED network.

The operating system will be of the same type and version. A different version may be
installed on machines which do not support this standard software. Likewise, application
software should also be of the same type and version to the extent possible.

Installation of the latest version or patch/update should be implemented after extensive and
successful testing. A roll back strategy should be in place before updates/upgrades are
implemented.

Before changes are done, all software, information, database entities, and hardware that
require amendment should be identified.

ISAC implements licensed software, regularly assessing the requirement for the new software
within the context of MoFED's mission, strategy and current technology needs.

ISAC shall provide software training for users on basic applications like Microsoft Office
and other applications developed in house or procured off-the-shelf.

ISAC shall keep software disks, manuals and Software license inventory in a safe storage
area.

Any hardware which MoFED buys shall come with licensed software installed on it or if
needed with no software installed at all.


ISAC shall do the updating/upgrading of any software.

NETWORK POLICY

OVERVIEW
The purpose of this policy is to confirm the ownership of the MOFED Network Infrastructure and
establish the responsibilities of MOFED staff and guests in protecting and securing the network.
The MoFED Network Infrastructure includes, but is not limited to the following:
o Wired and wireless network equipment including jacks, wiring, switches, hubs and routers;
o Network-based communication services such as e-mail & Voice Network.
o Computers and electronic devices (such as desktops, laptops, servers, and other mobile
equipment, wireless technologies, copiers, faxes, IP phones) that are purchased or leased
using MoFED funds.
POLICY

ISAC should avail appropriate network infrastructure, network services & resource access to
every user.

ISAC reserves the right to access any computer or electronic device connecting to the
MoFED Network Infrastructure in order to verify compliance with this and other applicable
information security policies.

ISAC shall implement proper network security and document the network infrastructure.

Access to the Internet will be provided to users to support business activities and only to
perform their jobs and professional roles.

Internet access shall be through a proxy server (proxy.mofed.gov.et).

GUIDELINES
ISAC shall:

Ensure that the network has the required standard.

Upgrade the existing network and introduce new technology to satisfy the demands of users.

Be responsible for overseeing the operations of the Network Infrastructure.


Design, implement and maintain its network architecture with the appropriate level of
administrative and technical security controls.

Monitor the availability and security of the existing network.

Establish standards to properly configure all network security technology to protect sensitive
information.

Prepare Network infrastructure documentation and configuration guide.

WIRELESS NETWORK
The wireless network applies to all areas of wireless connectivity to the MoFED network
infrastructure, and includes all wireless devices operating within the MoFED IP address range, on
any of the MoFED premises, or any remote location directly connected to the MoFED network.

ISAC acts as the central management body in regulating the installation and maintenance of
all wireless connections, and any request for installation of new Access Points must be directed
through ISAC.

All new Access Points must be purchased via ISAC and the existing Access Points must
conform to recommended specifications as defined by ISAC.

ISAC will provide a standard and all Access Points must follow the ISAC Standard
Configuration settings.

ISAC monitors wireless networks on a regular basis and has the right to remove any
unauthorized and non-standard Access Point from the network without any notification.

ISAC is solely responsible for providing, monitoring and maintaining wireless networking
services and also responsible to register the location of all wireless access points.

ISAC is responsible for maintaining a secure wireless network and will deploy adequate
security procedures to support wireless networking on campus.

REMOTE ACCESS
The purpose of this guideline is to define standards for connecting to MoFED's network from any
location. These standards are designed to minimize the potential exposure to MoFED from damages
which may result from unauthorized use of MoFED resources.
Remote access implementations that are covered by this guideline include, but are not limited to,
dial-in modems, frame relay, ISDN, DSL, VPN, SSH, and cable modems, etc.

It is the responsibility of MoFED employees, contractors, vendors and agents with remote
access privileges to MoFED's corporate network to ensure that their remote access
connection is given the same consideration as the user's on-site connection to MoFED.

Secure remote access must be strictly controlled. Control will be enforced via password
authentication or public/private keys with strong pass-phrases.

Non-standard hardware configurations must be approved by Remote Access Services, and
ISAC must approve security configurations for access to hardware.

All hosts that are connected to MoFED internal networks via remote access technologies
must use the most up-to-date anti-virus software.

Remote maintenance is restricted to authorized individuals, confined to individual sessions
and subject to review.
VIRTUAL PRIVATE NETWORK (VPN)
The following procedures and guidelines must be considered during VPN remote access.

Employees with VPN privileges must not transfer their account to a third party.

VPN users will be automatically disconnected from MoFED's network after thirty minutes of
inactivity.

The VPN privilege account is limited to 24 hours.

ISAC is responsible for defining VPN clients used by VPN users.

ISAC is responsible to control and manage VPN users.

By using VPN technology with personal equipment, users are subject to the same rules and
regulations that apply to MoFED-owned equipment.

INTERNET
5.1.1 INTERNET ACCESS
Access to the Internet will be provided to users to support business activities and only to
perform their jobs and professional roles.

ISAC shall have the responsibility to guarantee Internet access through proxy server
(proxy.mofed.gov.et).


ISAC has the responsibility to deal with ISP (ETC) for the appropriate quality of service of
the Internet.

5.1.2 ALLOWED INTERNET SERVICES

ISAC reserves the right to add or delete services as business needs change or conditions
warrant.

The following standard Internet services will be provided to users:

o E-mail, WWW, File Transfer Protocol (FTP) and Telnet.

5.1.3 PROHIBITED INTERNET ACTIVITIES

ISAC must filter/control potentially harmful content from the Internet through its proxy server.
The following are some of the Internet usages that are strictly prohibited and filtered.

Any interaction with Usenet groups, newsgroups, or other topic-based forums on the Internet,
or with any Web sites providing material that:
o Contributes to a hostile work environment.
o Promotes sexual harassment.
o Promotes illegal activities of any kind.
o Links to any unsuitable, questionable, or illegal material.

Chat rooms that contribute to offensive acts such as racism, gender abuse, fundamentalism,
ethnicity.

Any interaction with sites or downloading of materials that can:
o Diminish network performance, such as streaming media and online games.
o Compromise network security.
o Have a negative impact on the use or performance of the client computer.

5.1.4 WEBSITE EXEMPTION

ISAC may grant a Web Site Exemption for a limited duration or to a limited scope of
employees based on the nature of the site and suitable justification for the exemption.

No exemption under any circumstances will be granted for Web sites in the following categories:

o Pornography
o Mature content
o Sites dedicated to the promotion of hatred or violence
VIDEO CONFERENCE SERVICE
MoFED's Video Conferencing is based on telecommunication technology that connects two or more
locations over a secure computer network with a camera, monitor, and microphone at each location.
RESPONSIBILITIES

ISAC is responsible for Video system oversight and for scheduling of video equipment.

ISAC will ensure equipment security, schedule the Video Conference with the ISAC
Centralized Scheduler and set-up the equipment before the conference begins.

Video conference participants have a basic right to privacy and confidentiality in the use of
the Video Conferencing service.

Only ISAC staff has the authorization to manipulate video system configuration.

ONSITE CLIENT RESPONSIBILITY: Videoconference clients are responsible for
reserving the space, coordinating program arrangements, and catering. Videoconference
clients are responsible for providing a site coordinator to be present at the videoconference to
oversee registration, provide official greetings, or other administrative details.

OFFSITE CLIENT RESPONSIBILITY includes provision of the following:

o Suitable location: the unit should be placed in a small- to mid-sized conference room.
The room should provide space for at least 6 people to sit at a table within the 65-degree
field of view of the camera. The room should have good acoustics without any
obvious echo, and the lighting should be adjustable and provide well-lit faces. There
must be a place for the endpoint to be located adjacent to the display device (e.g.,
usually on top of the TV) with convenient access to a power socket and network
connection. The room should be generally available for booking, secure from theft,
and located conveniently for those people most likely to use it.
o Network connection: the unit requires a switch with a high-speed Ethernet connection.
o Display: the unit requires a display device, which could be a television (20" or larger
recommended). The sound output from the TV should be enough to fill the room.

o Audio-visual cart or stand: the unit, TV, microphones and remote should all be
stored on a cart or permanent shelf within the room. The unit should be mounted on
top of the TV. The TV should be mounted on the top of the cart at eye-level.

MOFED WEB SITE POLICY

OVERVIEW
MoFED has established a web presence over the internet for sharing up-to-date and reliable
information with the general public and the MoFED community. Web hosting has become one of the
services available at MoFED. This policy creates a standard way of using the MoFED website.
POLICY

ISAC has sole responsibility to manage the website, handle technical issues and provide
training for end users.

The Public Relations and Information process manages and follows up all the content to be posted
on the website.

GUIDELINES
6.1.1 RESPONSIBILITY
To enable the concerned work processes to publish their pages, ISAC will provide disk space
on web servers and training for relevant work processes.

Work processes are responsible for assigning dedicated personnel to post their content on the
website.

ISAC will prepare and conduct the training on posting web content.

The Public Relations and Information process shall review the content posting/publishing
regularly and collect feedback from the website visitors.

It is the responsibility of ISAC to ensure that the guidelines are enforced as required and that
the content posted on MoFED's website adheres to the guidelines.

6.1.2 WEBSITE MANAGEMENT

The Public Relations and Information process, in collaboration with ISAC, has the right to change or
remove any information or link on the website to assure accuracy and timeliness.

The website should be reviewed regularly.

Time-sensitive content, such as information promoting events, will be removed as soon as the
event takes place.

News should be reviewed and updated on a timely basis.

Links to other websites of similar mission will be provided on the site.

All content on the website will adhere to applicable copyright and other laws.

WEBSITE

The domain name of MoFED's website is www.mofed.gov.et

Any technical inquiry about the web site should be sent to the following email address:
webmaster@mofed.gov.et

MoFED's website ownership should be clearly indicated on the homepage or directly
accessible through a link from all other web pages.

CONTINGENCY MANAGEMENT (BACKUP)

The webmaster of ISAC will take regular backups of the website and give technical support.

The website will be hosted on MoFED's internal server.

The website should be included in the disaster recovery infrastructure to ensure the fastest
restoration of the website in the event of any unforeseen hardware/software failure.

6.1.3 WEB CONTENT

Content should be reviewed for quality (including originality, accuracy, and reliability)
before posting.

The website should provide information about MoFED and other related topics.

The content of MoFED's website must include, among others:

o Name and emblem of MoFED
o Mission, Vision and Goals of MoFED
o Aim and objectives of MoFED
o Organizational structure, including directorates, officers, etc.
o Contact address including postal address, fax, phone number and email of the
organization
o MoFED press releases
o Publications
o Financial law, regulations & guidelines

Any content on the website should be free of:

o Insulting, threatening or provocative language
o Inciting hatred on the basis of race, religion, gender, nationality or sexual
orientation or other personal characteristics
o Swearing, using hate-speech or making obscene or vulgar statements
o Condoning illegal activity or breach of copyright
o Posting in a language other than the languages of the website
o Invading people's privacy

COPYRIGHT

Copyright ownership of specific content should be clearly indicated on screen and on items
printed from the site.

MoFED's website administrator should be sensitive towards publishing any information having
a third party copyright. The administrator should follow the proper procedures to obtain
the permission prior to publishing such information on the website.

In cases where the nature of the information or document calls for a restriction on its
reproduction, the copyright statement could indicate the following terms:
The following material is subject to copyright protection unless otherwise
indicated. The material may be downloaded to file or printer without
requiring specific prior permission. Any other proposed use of the
material is subject to the approval of the copyright holder. Application for
obtaining permission should be made to (email and complete postal
address of the concerned copyright holder)

DOWNLOADING FILES

If contents are available to be downloaded as a link, necessary software should be provided
or recommended accordingly.

6.1.4 BILINGUAL (AMHARIC & ENGLISH) VERSION


The MoFED website, in addition to using the English language, should display
content in the Amharic language.

Mixing two languages in a single page is not recommended.

As much as possible, content that is presented in both languages should be updated
simultaneously, or it should have a time stamp indicating the date of updating the
information.

6.1.5 ACCESSIBILITY and VISIBILITY


ACCESSIBILITY

If links are not functional, these links should be repaired or removed in a timely manner.

The website should not redirect the viewer to a site the viewer didn't intend to visit.

The website should not frame other sites.

There should be a general disclaimer for visitors of the website. The disclaimer
statement could indicate the following terms:
This is a public website and author(s) are responsible for their writings
and MoFED is not responsible for the contents and the hyperlinks on this
website to other internet resources, expressed or implied, including, but
not limited to the warranties of merchantability, copyright of third party,
or the presence or absence of any computer virus.

VISIBILITY
To improve the likelihood that the website of MoFED has a high visibility:

The website should be registered with as many search engines as possible, under
appropriate categories.

The website should incorporate internal descriptive data or metadata comprising
relevant keywords and descriptions, intended to be read by search engines.

All the stationery items of MoFED such as letterheads, publicity material such as brochures
and pamphlets, and documents such as monthly magazines, etc., should display the URL of the
website.

MOFED ELECTRONIC MAIL SERVICE POLICY

OVERVIEW
MoFED has an internal Electronic Mail Service that enables users to share information and exchange
ideas, as a means of communication. This policy is designed to ensure the proper usage of MoFED's
Email service.

POLICY

ISAC shall implement a mail and collaboration system.

All employees of MoFED and consultants working for MoFED are eligible to use the email
system.

All official business communications should be done using a MoFED email address account.

Users of MoFED's IT facilities must take all reasonable steps to prevent the receipt and
transmission by email of malicious software, e.g. computer viruses.

ISAC will maintain appropriate monitoring arrangements in relation to all Internet, email and
related services and facilities that it provides, and will apply these monitoring arrangements
to all users.

GUIDELINES

7.1.1 ACCOUNT REQUEST FOR ELIGIBLE USERS

When a new employee is hired, the work process is responsible for requesting an email
account from ISAC.

Work processes may request e-mail accounts from ISAC for guests who are in some way
affiliated with MoFED.

ISAC will grant the e-mail account based on the request by the work process.

Work processes should notify ISAC when the relationship of the account holder with
MoFED no longer exists.

The email address of every employee will have the following structure:
o 'first letter of employee first name'&'middleName'&'@mofed.gov.et'

E.g. Abebe Kebede's email address will be: akebede@mofed.gov.et

7.1.2 DISK SPACE QUOTA

Email service users on the MoFED network will get disk space on the mail server. Currently,
this quota is set to 1GB with the possibility of applying for an increase in space if the need is
justified.

If users do not read their mail often enough, their disk space may fill up, and mail sent after
users have exceeded their quota will be bounced back to the sender with an error message.

In the interest of better disk space utilization, email client software, preferably Zimbra Desktop, shall
be installed and configured on user machines.

7.1.3 ACCEPTABLE USES

The use of e-mail services is dependent on your complying with the MoFED rules and regulations
besides the stated policies hereunder. Anyone who does not comply with the following rules may
have his/her account disabled and/or the ISAC reserves the right to cancel the privilege of using mail
services at any time.

The mail account is not to be used for personal business activities, unless it is consistent with MoFED
policy.

Use of the e-mail system for communications that violate MoFED's policy, including but not limited
to transmission of abusive, obscene, offensive or harassing messages, or messages that
disclose personal information without authorization, is prohibited.

Email service shall not be used for junk or unsolicited, bulk mail, and chain letters.

The mail service may not be used for personal financial/monetary gain.

Using the identity and password of someone else for access or otherwise attempting to evade,
disable, or crack password or other security provisions is not allowed.

7.1.4 CONFIDENTIALITY and MONITORING

CONFIDENTIALITY

The contents of email messages sent or received are generally intended to be confidential,
meaning that the contents of any email message are intended to be shared only by its sender
and recipients. However, the fact that these messages occurred, message sender (by whom),
receiver (to whom), and date mailed (when) are not confidential.

MONITORING EMAIL
Access to email services and facilities at MoFED is a privilege and must be treated as such
by all users. Although the contents of email messages are not routinely monitored, ISAC
reserves the right to monitor email where required to prevent the continued use of email
messages for illegal purposes.

PUBLISHING YOUR E-MAIL ADDRESS

A user's e-mail address is not private information and we are free to include it in the MoFED
contacts database so that people from anywhere can look up a user's e-mail address based upon
knowledge of their full name.

ACCESS TO MAIL

Users' mail received/sent through the MoFED network is usually considered private. ISAC
will not read the content of mail unless there is an urgent situation that makes it necessary to
do so in the course of their duties.

7.1.5 MAIL BOUNCING

ISAC reserves the right to refuse mail from outside hosts that send unsolicited (bulk), mass or
commercial messages, or messages that are considered threats, or messages that appear to contain
viruses, to the MoFED network system or other users, and to filter, refuse or discard such messages.

7.1.6 ACCOUNT DISABLING AND DELETION

Disable means that the account is still able to receive mail, but the user will not be able to send
messages. On deletion, the user will no longer be able to use the MoFED mail account.

To use the email service, a user must currently be an employee of MoFED, either on a
permanent or contractual basis, a consultant or a guest. If they leave MoFED, their account
will be disabled or deleted.

An account will be disabled or deleted when an account audit is performed, or when ISAC believes
that the user has violated the acceptable use of the mail service.

If a user's account remains disabled for two months without being reactivated, then the next
time an account audit is performed, it will be deleted and, hence, they will no longer be able
to use the e-mail service at MoFED unless an account is created again.

SOFTWARE DEVELOPMENT POLICY

OVERVIEW
This section of the IT policy describes the standardization guidelines & procedures for in-house or
third party software development as well as deployment and management.
POLICY

ISAC shall standardize software development tools for in-house as well as third-party
software development based on the skills & knowledge of development staff. Moreover,
priority shall be given to Open Source development tools.

Software that cannot be developed in-house would be outsourced to a third party. This
outsourcing environment shall build the capacity of the staff.

GUIDELINES

ISAC shall standardize in house software development.

Software must be developed using the standard software development life cycle.

ISAC shall undertake regular system requirement study, develop software and provide
training for users before the software is implemented and deployed.

Software must be installed in ISAC server and managed by system administrators.

Work processes should provide full system information and assign relevant personnel to
work with ISAC's development team during requirement analysis.

ISAC has the responsibility to appoint a project manager:

o To achieve individual accountability for systems development activities
o To co-ordinate ICT security activities associated with systems development

System documentation and user manual should be part of the information system
development process.

ISAC shall have a document that shows the ownership, roles and responsibilities of departments/work
processes for applications developed, like IBEX and DMFAS.

THIRD-PARTY SOFTWARE DEVELOPMENT (OUTSOURCING)


MoFED has had different types of experience in outsourcing software development to third parties at
different times. The following are key measures that will be implemented during outsourcing.

ISAC development team should fully participate in the software development process.

Contracted companies must design and develop the software inside MoFED compound.

ISAC development team must ensure that complete documentation is provided for any software
developed by a third party.

ISAC shall do the updating/upgrading of any software, keeping in mind having standardized
software utilization.

User manuals must be designed and prepared for any software developed.

The third party shall provide either TOT (Training of Trainers) or user training for
concerned and appropriate staff before the software is deployed. This ensures proper testing
and usage.

BACKUP POLICY

OVERVIEW
This policy defines data and system backup from computers, servers, routers, switches and other IT
equipment within MoFED.
POLICY
ISAC shall implement a standard data and system backup. Recovery shall be done when there is loss
of data or system failure on the computing system.
GUIDELINES

ISAC is responsible for taking backups of application databases such as Mail, DMFAS, IBEX and AMP
every week on Friday.

ISAC is responsible for taking system and device configuration backups every two weeks on
Friday.

ISAC shall document and periodically review backup and recovery of MoFED Information
resources.

ISAC should guarantee the recovery of lost application and system data in the event of any
failure due to natural or manmade disaster.

ISAC shall assign staff to perform regular backups. The assigned person develops
a procedure for testing backups and tests the ability to restore data from backups on a monthly
basis.

Backup files must be periodically tested to ensure that they can be restored in case of a
disaster.

ISAC is not responsible for loss of data on users' laptops and standalone computers, and
hence is not required to perform recovery operations.

Users should take their own backup of important work such as Word files, Excel files, major
projects and research documents on alternate media like CD.

Physical access controls implemented at off-site backup storage locations must meet or
exceed those of the source systems.

Backups must have at least the following information that can be readily identified by labels
and/or a bar-coding system: System name, creation date, sensitivity classification
(encryption) and MoFED contact information.

Storage server, external hard disks or CD/DVD can be used as a backup storage medium.

Archives are made at the end of every year in June (Sene). User account data associated with the mail
servers are stored one month after they have left the organization.

Offline External Hard Disks used for nightly backup shall be stored in an adjacent building in
a fireproof safe. Monthly Backups shall be stored in a fireproof safe.

9.1.1 RESTORATION

Users that need files to be restored must submit a request to the help desk including information
about the file creation date, the name of the file, the last time it was changed, and the date and time it
was deleted or destroyed.

10 SECURITY POLICY
OVERVIEW
The purpose of this policy is to ensure secure and reliable IT infrastructure access and performance
for MoFED community. This policy is intended to protect the IT infrastructure and mitigate the risks
and losses associated with security threats to the network and information systems.
POLICY

ISAC has responsibility to classify information transmitted over the MoFED network and
determine the level of protection that should be applied to the network, thereby preventing
unauthorized disclosure of confidential information.

ISAC has the responsibility to define, implement and enforce security requirements during
information systems development.

To ensure that security activities are carried out in a timely and accurate manner, and that
security issues are resolved effectively, ISAC has the responsibility to appoint an individual
to co-ordinate the ICT security activities associated with MoFED.

Users should be aware of the key elements of ICT security and understand their personal ICT
security responsibilities.

GUIDELINE

10.1.1 PHYSICAL SECURITY


CABLING SECURITY
The following are the responsibilities of ISAC regarding cabling:

Protect network cabling from unauthorized interruption or damage.

Prepare a documented patch list of network cabling and a detailed cabling diagram to enable
proper cable fault troubleshooting.

Check that power and communication cable lines are installed in a secure manner.

MEDIA HANDLING

In this context, media refers to any permanent storage device.

Access to media containing sensitive information is restricted to prevent access by
unauthorized personnel.

System documentation stored on the internal network or distributed via a public network is
appropriately protected.

10.1.2 NETWORK SECURITY


NETWORK ACCESS CONTROL

ISAC shall implement a proper secure logon procedure, user identification and authentication
for accessing network resource.

The network access rights of users shall be maintained and updated as needed.

The connection capability of users can be restricted through network gateways that filter
traffic by means of predefined tables or rules.

Network monitoring
ISAC assesses the performance of the network using techniques such as:

Review of network and intrusion detection logs.

Examination of usage reports from service providers.

Port configuration
ISAC has the responsibility to implement Port Configuration Protection.

Ports, services and similar facilities which are not specifically required for business
functionality should be disabled or removed.

OPERATING SYSTEM ACCESS CONTROL

Secure log-on procedures

ISAC has the responsibility to implement Secure Log-on Procedures such as the following:

o Display a warning message when computers are accessed by unauthorized users.
o Validate the log-on information only on completion of all input data.
o Limit the number of unsuccessful log-on attempts.
o Limit the maximum and minimum time allowed for the log-on procedure.

10.1.3 INTERNET SECURITY
ISAC has the responsibility to minimize risk associated with Internet and E-mail services by
introducing:

User Authorization and Verification

Firewall and Antivirus protection

Review of Logs

10.1.4 ANTIVIRUS
The antivirus deployed in MoFED ICT infrastructure must be centralized corporate antivirus which
ensures the detection and protection mechanism of virus, malware, adware, spyware and so on.

ISAC should deploy antivirus on all computers & servers.

ISAC shall regularly monitor the status of the antivirus system.

ISAC shall take appropriate measure in case of a virus outbreak.

Users should report any problems related to virus.

Users should not stop anti-virus definition updates and anti-virus scans.

Users should perform the following recommended procedures to prevent virus problems.

o Always run the MoFED standard, supported anti-virus software.
o NEVER open files or macros attached to an email from an unknown, suspicious or
untrustworthy source.
o Delete spam, chain, and other junk email without forwarding.
o Never download files from unknown or suspicious sources.
o Avoid direct removable disk sharing access unless there is a need to do so.
o Always scan removable disks from an unknown source for viruses before using them.
o Laptop users must regularly connect to the network to ensure that the anti-virus
software gets updated.
o Must not change, uninstall or delete anti-virus software that is installed on their
computers.
o Back up critical data/files on a regular basis and store the data in a safe place.

Anti-virus scans shall be done a minimum of once per week on all user controlled
workstations and servers.

In the event of a viral infection, computers infected with viruses shall be disconnected from
the network until the infection has been removed.

The anti-virus product shall be operated in real time on all servers and client computers.

The anti-virus library definitions shall be updated regularly.

10.1.5 WIRELESS ACCESS

ISAC ensures that only authorized individuals gain wireless access to the network.

Wireless access points shall require user authentication at the access point before granting
access to MoFED network or Internet services.

Physical security should be considered for access points when planning the location of
wireless access point and other wireless network components.

10.1.6 INFORMATION SYSTEMS SECURITY

ISAC has the responsibility to check the security requirements of information system projects,
basically on the following issues:

Security requirements and controls should reflect the business value of the information and
ICT assets involved.

System development activities should be performed in a specialized environment which is
isolated from the operational and testing environments and protected against unauthorized
access.

Development activities should be carried out in accordance with the documented system
development methodology.

ISAC has to set security controls and security requirements to check quality assurance of key
security activities.

10.1.7 USER MANAGEMENT


USER REGISTRATION
ISAC has the responsibility to check or implement that:

Users are registered with unique user ID for their duties and responsibilities.

The level of access granted for users is appropriate to the business purpose.

Users receive a written statement about their access rights, and confirmation is obtained from users.

Accounts of users who have changed roles or jobs or left the organization should be removed
or blocked immediately.

USER PASSWORD MANAGEMENT

Users should be provided initially with a secure temporary password, which they are forced to
change immediately.

Users' passwords should be a combination of letters, symbols and digits.

Password length should be a minimum of 8 characters, and passwords should not be easily guessable.

Passwords should never be stored on computer systems, mail, papers and boards in an
unprotected form.

Default vendor passwords should be changed after installation of systems or software.

10.1.8 ICT SECURITY INCIDENT MANAGEMENT


ISAC has the responsibility to identify information security incidents and respond using ICT security
incident management process.

Any user who becomes aware of any loss or compromise shall immediately inform ISAC.

All security incidents shall be recorded to ensure that details of the incident, investigation,
resolution and outcome are documented.

10.1.9 SECURITY AUDIT

The ICT security status of network and systems development activity should be subject to
regular security audits or reviews by internal or external IT auditors.

The audit scope shall include the following areas:

o External network vulnerability assessment and penetration testing
o Internal network vulnerability assessment and penetration testing
o Web application penetration testing
o Dial-In / RAS security testing
o DMZ or network architecture designs / reviews
o Wireless network assessment and penetration testing
o Virtual infrastructure security assessment
o Server configuration reviews
o Firewall and router configuration reviews
o VPN configuration reviews
o Physical security reviews
o Software source code reviews
o Application threat modeling and design reviews
o Information security risk assessment
o Security awareness program development or review
o Incident response program development or review

10.1.10 ICT SYSTEMS USAGE

The following is acceptable ICT systems usage:

Users should:

Terminate active sessions when finished, unless they can be secured by an appropriate
locking mechanism.

Log off computers and servers when the session is completed.

Keep passwords confidential and avoid keeping a record of passwords.

Change passwords whenever there is any indication of possible system or password
compromise.

Change passwords at regular intervals and change temporary passwords at the first log-on.

11 DATA CENTER POLICY


OVERVIEW
The security of the equipment and data in the MoFED data center is of critical importance to the daily
functioning of MoFED. This document communicates the policies and procedures by which access
should be obtained and how individuals will conduct themselves within the data center.

POLICY

The MoFED data center is established to standardize the data maintenance strategy of the
organization. The data center should be protected by access control, surveillance systems or
by security staff.

GUIDELINES

A form must be completed for all equipment installations, removals, and changes.

ISAC shall have certain system specifications for equipment to be housed within the Data
Center.

System Administrators should be contacted immediately if any activity requires access to the
Data Center infrastructure and/or environmental systems.

Under no circumstances should food or beverage of any kind be brought into the data center.

ISAC shall label all equipment in the data center, including both ends of power and data
cords.

No hardware, software, furniture, shelving or other materials will be removed from or added to the
Data Center without prior approval of ISAC.

All equipment must be rack mountable. Exceptions must be approved by ISAC.

The Data Center must be kept clean and dust-free at all times.

Keep all doors and windows closed at all times.

The data center must be air-conditioned with at least 40,000 BTU.

Temperature levels in the Data Center will be maintained at 20°C - 24°C.


A backup generator is required to continue operation in case of prolonged power failure.

DATA CENTER ACCESS

Automated access
o Card swipe access to the data center is available on a 7/24 basis for
authorized card holders. Card swipe access is limited to authorized
network/system administrators.

When access is required, proper notification and justification need to be provided in
accordance with the access policy set forth in the Site Visit section.

Authorized personnel with pre-approved access to the Data Center are required to register
their entrance/exit times, which are checked by the data center operator.

11.1.1 DATA CENTER TOURS / VISITORS


In general, casual tours or visits of the data center are not allowed. In exceptional cases, access may
be granted to visitors. Requests for such visits should be directed to and approved by
ISAC.

PLANNED WORK VISIT

Users who are planning to work on equipment within the Data Center should submit
their request by phone (103, 104, 105, 107, 113) or email (info@mofed.gov.et) at least
one day in advance and should give notice of the scheduled work taking place.

Planned-work site visits must be pre-approved by ISAC, and notification must be sent
to the user.

Visitors must be accompanied by either Data Center Operators or other authorized staff
members while they are visiting the Data Center.

A record must be kept of visitors entering/exiting the Data Center. The purpose of the visit
must be documented.

UNPLANNED (EMERGENCY) WORK VISIT

Authorized users will be given immediate access to the Data Center when an emergency
situation warrants that access. It is requested that emergency-work site visits be
preceded by a telephone call to the call center explaining the situation and the need for
immediate access.

DATA CENTER ETIQUETTE


In order to maintain a clean room environment and allow all work performed within the Data Center
to be carried out as efficiently as possible, it is mandatory for all persons working within the Data
Center to adhere to the following rules:

All work areas must be kept clean and free of debris. Upon completion of any work in the
room, staff performing the work should ensure they have left the area as clean as it was
before their work began.

Hazardous or combustible materials should not be stored in the data center.

All rack enclosures should be kept neat and free of manuals, diskettes, cables, etc. Doors on
all racks should remain closed at all times except while work is being performed.

Appropriate fire detection and alarm equipment should be placed in the data center.

Cables should never be strung outside of rack enclosures.

Visitors should not:

o Lift floor tiles without prior knowledge, consent, and oversight of the ISAC staff.
o Touch a Power Distribution Unit (PDU) within the Data Center.
o Touch the Air Conditioning Unit (AC) within the Data Center.
o Open a data center communications cabinet.
o Plug any device into another cabinet's power supply.


12 INTERNAL IT SUPPORT POLICY


OVERVIEW
The purpose of this policy is to provide a framework for giving technical support to MoFED IT
users (employees and guests) and to describe the basic level of service that will be provided.
It also defines the responsibility of ISAC's support team for providing timely and reliable
support to the user.
POLICY
Users have the right to get ICT related support service from ISAC.
GUIDELINE
USERS:

Shall report any IT-related problem to the ISAC help desk support using:
o Extension telephone numbers: 105, 113 and 114
o E-mail address: helpdesksupport@mofed.gov.et or support@mofed.gov.et

Shall only get service when they register their case by telephone or email using the above
addresses rather than contacting any individual IT staff members.

Shall not be allowed to come to the helpdesk support office physically to get the service.

Shall follow up on the progress of the case.

Shall sign the form provided by support team members, or sign electronically, when their
problem is solved.

ISAC:

Shall prepare users' problem reporting methods.

Shall provide IT support to users with minimal possible response time.

Shall solicit third-party support on an as-needed basis when IT staff are unable to
provide it.

Shall prepare and implement a users' case and knowledge management platform.



SOFTWARE AND HARDWARE SUPPORT

Software support is provided only for work-related application software packages and
operating systems on MoFED's PCs, servers, laptops and other computing equipment.

Support is provided for all hardware and devices, including PCs, laptops, printers, fax,
scanners, servers, photocopiers and storage devices and so on.

Personally installed or unapproved hardware, including speakers, cameras, cell phones, etc.,
will not be supported by the IT support staff.

MODE OF SUPPORT
Support can be delivered to the user in any of the following ways:
o Telephone support for minor problems and difficulties.
o Remote support through remote access or control software.
o On-site support at the end user's desk where applicable.
ENFORCING SUPPORT

The IT support staff reserves the right to monitor hardware and software installation and
usage on MoFED's computer systems.

The IT support staff will conduct periodic audits to ensure compliance with this Policy.
Unannounced, random spot audits may be conducted as well.

During such audits, scanning for and removal of rogue hardware may be performed.

Unauthorized software or hardware may be uninstalled or removed at this time.

SUPPORT FOR PERSONAL EQUIPMENT

Support will not be granted for personally owned software and hardware problems on
personally owned IT equipment.

Support may be granted if ISAC authorizes the use of personal equipment for MoFED's
purposes.

KNOWLEDGE MANAGEMENT

ISAC shall develop an FAQ (Frequently Asked Questions) as part of its knowledge
management system.


13 IBEX SUPPORT POLICY


OVERVIEW
The purpose of this policy is to establish a framework for giving technical support to Federal as
well as Regional IBEX users and to describe the basic level of service that will be provided.
POLICY
Federal as well as Regional IBEX users have the right to get IBEX support service from ISAC.

GUIDELINES

It is the sole responsibility of MoFED to provide level 3 and above IBEX support service
to all installations.

Regional Bureaus are responsible for providing level 1 and 2 IBEX support services within
their capacity limit.

All IBEX support requests shall be directed to the relevant work processes through email
or fax messages.

Work processes should review the IBEX request and forward it to ISAC for appropriate action
in written form.

ISAC shall provide IBEX support to Federal or Regional users with minimal possible
response time.

ISAC shall implement a case management and knowledge management system to record and
manage all support requests.

ISAC shall assign a case number to all recorded requests, which helps users to track the status
of their request.

ISAC shall provide training for Regional/BoFED IT experts on IBEX support.

ISAC shall develop a FAQ as part of its knowledge management system.

IBEX SUPPORT COMMUNICATION MODALITY


Telephone, fax or e-mail are the lines of communication for solving IBEX-related
problems:
o Telephone numbers: (251)11-1552400
o Fax address: (251)11-15551 89
o E-mail address: ibexsupport@mofed.gov.et

Some minor problems can also be solved using the above telephone numbers.

When serious problems occur, IBEX support staff will be dispatched to the concerned
location to try to solve them; otherwise they will transport the equipment to MoFED premises for
maintenance.

14 IT TRAINING POLICY
OVERVIEW
The aim of the training policy is to ensure that all employees are given the necessary help to develop
the knowledge, skills and attitude that they require to carry out their jobs efficiently and effectively.
POLICY
ISAC provides continuous training and development by assessing ICT-related skill gaps, and builds
capacity on a regular basis to improve the skills and competence of the entire workforce.
GUIDELINES
14.1.1 REQUEST FOR IT TRAINING

A training request can be initiated either by ISAC or by other work processes.

A training needs assessment shall be done to identify individual training requirements.

A training request must be approved based on:

o Importance of the training
o Budget
o Number of trainees
o The timetable
o Location of the training
14.1.2 TRAINING ROOM

ISAC is responsible for preparing and arranging the training room.

The training room must have complete training materials.

Computers and the network for the training room must be active and working properly.

Any technical assistance for the training room is the responsibility of ISAC support team.

Technical assistance includes any hardware or software issues including the network.

14.1.3 TRAINERS

MoFED/ISAC employs permanent trainers.

Trainers are responsible for arranging class schedules and preparing training materials and manuals.

If the training is given by third party trainers, ISAC trainers will help and arrange all the
necessary materials.

Trainers must check and approve the performance and activity of computers, network and
other necessary software.
14.1.4 TRAINING CATEGORIES

Computer Basics

Office Application software

Internet & email

Application systems (IBEX/AMP/DMFAS, etc.)
o This training will be provided for relevant federal and regional employees.
o The training will include both procedural and application usage.

15 ENFORCEMENT

Individuals who do not comply with these policies shall be subject to disciplinary action in
accordance with the IT security policy. Any disciplinary action under this policy shall take into
account the severity of the offense and the individual's intent. Disciplinary action can include
revocation of privileges to use or access any or all components of the MoFED Network
Infrastructure.

In general, violations of this policy shall also be addressed under the appropriate MoFED and
Ethiopian Criminal/Civic Code.
