Closed warmanaMOJ closed 6 years ago
To test the process, I am going to ask two questions! 1) In the approval list for 'major' changes, is it an 'any of these people can approve' or 'all of these people must approve'? 2) In the approval for minor changes to IT Policy, I am not sure why my role as CISO is explicitly called out, given a lot of IT Policies could be not specifically tied to security aspects. Was there something here I'm not spotting?
Thank you!
Considering all parts of the update work, the review and approval has certainly been the most - challenging. I would be very happy to re-open this discussion, especially now that we have some real documents to consider.
Thanks for the clarifications Adrian! Could I suggest a slight tweak to make it clear for both of these boxes that the approval list is therefore 'all of these people', but other than that I'm very happy with this, and agree we should now try the process out in anger!
Thank you, will update as you say.
Please would you review the proposed (updated) content process diagram, here: https://github.com/ministryofjustice/itpolicycontent/blob/master/Content%20process.pdf
This issue is a test of the process itself, to record your approval.
The diagram adds mention of GitHub, so that we can use this (prefer it) for requesting and recording approvals. The diagram allows for non-GitHub approvals, by including mention of email requests and recording a PDF copy of the approval within the GitHub repository. The effect is to make GitHub definitive for recording development, review, and approval of content.
Thank you.