Gartner Research

IT Policies Checklist and Content Best Practices

Published: 19 June 2013

ID: G00249746

Analyst(s): Andy Rowsell-Jones , John Mahoney, Heather Colella


An effective policy framework is essential for CIOs and other IT leaders to ensure that the enterprise makes good use of IT, and to maintain a well-run IT organization. We outline a checklist of recommended policy areas, and outline a best-practice set of IT policy content elements.

Table Of Contents


  • Why It's Necessary to Establish Effective IT Policies
  • Recommended Checklist of Frequently Used IT Policy Topics
    • Behaviors, Values and Service Culture
    • Contractor/Employee
    • Electronic Communications Use
    • Personal Devices and Applications in the Workplace and Connected to the Enterprise's Systems — Use and Connection
    • Procurement
    • Quality
    • Regulatory Compliance
    • Security
    • Service Management and Operational Service Problem Solving
    • Sourcing
    • Ways of Working
    • Workstation and Client Device Environment
  • Best-Practice Elements of an IT Policy
    • Title
    • Signatories
    • Policy Objective
    • Intended Audience
    • Policy Statement
    • Compliance Statement or Reference to Compliance Framework
    • Roles and Responsibilities for the Policy
    • Policy Dates, Version Number and Change History
    • Review Timetable
    • Policy Owner
    • Change Authority
  • Best Practices for Policy Creation and Review
  • Monitoring Compliance and Policy Success Key Performance Indicators (KPIs)

Recommended Reading

©2020 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Purchase this Document

To purchase this document, you will need to register or sign in above

Become a client

Learn how to access this content as a Gartner client.