tracker

TQMC

TQMC has acquired wide Domain Knowledge and Experience. You can FREELY access it here and here

DISCLAIMER: This matter here is a guide only. For authentic and up-to-date information, please contact TQMC.

The DIRECTIVES and STANDARDS listed here may have been subsequently REVISED . You must refer to the CURRENT REVISION and AMENDMENTS if any.

Wednesday, March 4, 2009

software licensing



> I am writing a policy on software licensing and need help with roles
> and responsbilities to be included in such a policy.

Hi Khaya,

I would suggest:

- widening the policy to cover "protection of Intellectual Property Rights"
(of which software licensing is just a part)

- identifying the nominal rĂ´le of IPR Manager: someone should be accountable
to management for ensuring that IPR belonging to the organization and to
third parties is adequately protected through appopriate controls e.g.
contracts, licenses, access controls, compliance

- allocating associated key responsibilities to employees, managers,
Procurement, IT, Legal, Internal Audit, Finance etc. ... More below

- one of the responsibilities should be for someone or some function
(perhaps IT or Finance?) to maintain a register of IPR, acting as a central
clearing house for software licenses etc.

- compliance responsibilities should include periodically reviewing/auditing
and reconciling software installed and in use against the license on the IPR
register

- if you supply your IPR to third parties, you should determine what if any
controls and compliance activities would be appropriate

- dept heads, or really managers in general, should be responsible for
overseeing their staff and raising awareness of IPR policies and controls
where necessary

Kind regards,
Gary





--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "ISO 27001 security" group.
To post to this group, send email to iso27001security@googlegroups.com
To unsubscribe from this group, send email to iso27001security-unsubscribe@googlegroups.com
For more options, visit http://groups.google.com/group/iso27001security or the main websitehttp://www.iso27001security.com
-~----------~----~----~----~------~----~------~--~---

 Reply
 Forward

No comments:

Post a Comment