ITIL security guidance

Dear Wizard

Does ITIL contain some reference about signatures, and disclaimers in outgoing mails ?

I'm certified in ITIL foundations, and i've done some research about but nothing has been found. There's the typical disclaimer, but nothing more i think.


Dear Puzzled

Your Foundation instructor was right: ITIL covers everything. Of course it can't possibly cover EVERYTHING in five books, but in spirit it does. It is sort of like the IT equivalent of God: ITIL is everywhere, in everything.

So the problem is to access the wisdom of ITIL. The best source for this is LinkedIn group discussions, other forums, personal blogs, and Yahoo chat groups. Here you will find many like you who have done the Foundations and are now turning their hand to interpreting the intent and spirit of ITIL for the rest of us. You will also find a few people with even more advanced understanding of ITIL than Foundation, and every now and then that rare beast - someone who has actually used it in their job.

You should try it, Puzzled. Look at emails until you see a signature that speaks to you, as if it came from ITIL itself. Trust your instincts, and then share them with everyone else.

If you don't feel you are cut out to channel ITIL, then find an email sent by somebody who once met one of the ITIL authors, and see what they use as signature and disclaimer. It is bound to be ITIL-inspired. If you can't find that, look at what IBM use on their emails - after all they first wrote ITIL you know.

Good luck!
The ITIL Wizard


Out of scope

Dear Puzzled,

Your point is out of scope of the ITIL service management best practices.
First of all, the signature. The signature is no more than your business card references added at the end of your e-mail. This is for the business to decide (HR department and communication department), not IT alone. IT will only be eventually responsible for configuring it within the company/group messaging system.
Secondly, the disclaimer. Once again, the disclaimer is no more than a statement the company wishes to add to all outgoing mails (outside the company or the company group) intended to specify or delimit the scope of rights and obligations that may be exercised and enforced by parties in a legally-recognized relationship (i.e. protecting content if received by wrong recipient). Once again, this is for the business to decide (HR department and communication department) and IT to configure within the company/group messaging system.

For example, in my company, whenever I create a new mail, it automatically inserts my signature, a disclamer and an "Before printing, think about the environment" (all automatically present in my e-mail "signature" file). It is imposed by the company and the messaging system is setup so that you may not modify your defaut e-mail "signature". Of course, you may always overule the system by creating a personal signature than you could use instead of the official one (i.e. delete the offical signature from your mail and manually add you personal signature) but at your own risk (against company rules).

At a client company of mine, I know that no defaut signature is automatically added to messaging system. It's up to the end-users to configure their Outlook "signature" based on a template provided by the communication department.

Personally, automating the "signature" is the best way (imposed by the company). This avoid misuse of the signature (i.e. saying your are "IT manager" instead of "IT support specialist" ;-) and ensures the business knowns no one is making a mistake by inserting an erronous signature that could negatively impact the company image.
Furthermore, many companies often use different terms for your internal and external job function (i.e. internal = unit manager ; external = Service director).

So my suggestion would be - leave it to HR - only provide assistance for eventually configuring the messaging system for automation and providing guidance to the end-users to use the company electronic messaging system correctly.


Syndicate content