~~NOTOC~~ ====== File Storage and Management Policy ====== Digital information is one of the school's most valuable assets. This policy provides the framework to protect and use that asset effectively. By standardizing our file storage and adopting clear best practices, our goal is to ensure continuity of operations, and safeguard the data of our community. This document outlines the procedures and responsibilities that will help us achieve this. ===== Purpose ===== The primary objectives of this policy are to: * Ensure the **security and integrity** of all school data. * Guarantee the **accessibility and long-term retention** of digital assets for operational continuity. * Standardize file management practices to improve **collaboration and efficiency**. * Enhance **oversight and control** over data shared with external parties. * Define clear **roles and responsibilities** for data stewardship. ===== Scope ===== This policy applies to all school-related digital information, documents, and files created and handled by staff, regardless of the device used. ===== Core Policies ===== The following principles form the foundation of our file management strategy and must be adhered to by all staff. * **Official Storage Platform**: The sole approved platform for storing all work-related files is **Google Drive**. The use of Microsoft OneDrive, local hard drives, or other unauthorized cloud services for storing school files is henceforth prohibited. * **Shared Drive Mandate**: It is expected that the majority of all work-related files are stored within the officially provisioned departmental __Shared Drives__. This is the default and primary method for storing files to ensure business continuity, proper data ownership, and collaboration. * **Personal Drive Use & Exceptions**: Storing general school documents in an individual's __My Drive__ should be limited to working copies and drafts. Once documents are deemed as ready for use, they should be moved to the appropriate departmental __Shared Drive__. The only exceptions are for specific cases involving highly sensitive data that requires restricted access. Use of __My Drive__ for school files is by exception only and does not replace the Shared Drive mandate. ===== Shared Drive Structure ===== Each department and work unit will be provisioned with two dedicated Shared Drives to clearly segregate information based on its intended audience. ==== Internal Drive ==== This is the primary drive where all day-to-day operational files and data are to be stored. * **Purpose**: For all documents related to internal departmental and cross-departmental work. * **Examples**: //Curriculum plans, internal reports, administrative documents.// * **Access**: Restricted to members of the department or specific internal project groups. * **Sharing**: Limited to members of Korean International School. Sharing with «Korean International School» should be avoided as it shares files with everyone irrespective of whether they are staff or students. Departments should instead use specific sharing groups or target audiences. ==== External Drive ==== This drive is designated for files that must be shared with individuals or organizations outside of the school. * **Purpose**: To provide a controlled and auditable environment for sharing information with external parties. * **Examples**: //Vendor contracts, parent communications, event information for external partners, documents for accreditation bodies.// * **Access**: While stored here, files should still be shared on a need-to-know basis using specific user permissions rather than public links whenever possible. * **Sharing**: Sharing with external parties is permitted. Sharing with «Anyone with the link» should be strictly avoided for sensitive school data. Whenever possible, sharing should be done using specific external Gmail accounts. ===== Roles and Responsibilities ===== ==== All Staff ==== * Store all work-related ready for use files exclusively in the appropriate departmental Shared Drive. * Adhere to file and folder naming conventions to ensure clarity and searchability. * Manage sharing permissions appropriately, especially for files in the "External Drive". * Avoid storing personal or non-work-related files in the school's Google Drive environment. ==== Department Heads ==== * Oversee their department's Shared Drives to ensure they remain organized and compliant with this policy. * Manage access to Shared Drive membership as staff roles change. * Ensure new staff members are briefed on this policy and granted access to the necessary drives. ==== IT Department ==== * Provision and manage all Shared Drives and top-level folder structures. * Conduct periodic, non-intrusive audits of the Google Drive environment to ensure policy compliance. * Provide training and support to staff on proper file management practices. ===== Policy Enforcement ===== Compliance with this policy is essential for the school's operational security and efficiency. The IT Department will perform regular audits. Non-compliant files (e.g., sensitive school data stored in personal drives without authorization) may be moved to the correct location or have sharing permissions revoked. Repeat non-compliance may be reported to the relevant Department Head for follow-up.