File Storage and Management Policy

Digital information is one of the school's most valuable assets. This policy provides the framework to protect and use that asset effectively. By standardizing our file storage and adopting clear best practices, our goal is to ensure continuity of operations, and safeguard the data of our community. This document outlines the procedures and responsibilities that will help us achieve this.

Purpose

The primary objectives of this policy are to:

Ensure the security and integrity of all school data.
Guarantee the accessibility and long-term retention of digital assets for operational continuity.
Standardize file management practices to improve collaboration and efficiency.
Enhance oversight and control over data shared with external parties.
Define clear roles and responsibilities for data stewardship.

Scope

This policy applies to all school-related digital information, documents, and files created and handled by staff, regardless of the device used.

Core Policies

The following principles form the foundation of our file management strategy and must be adhered to by all staff.

Official Storage Platform: The sole approved platform for storing all work-related files is Google Drive. The use of Microsoft OneDrive, local hard drives, or other unauthorized cloud services for storing school files is henceforth prohibited.
Shared Drive Mandate: It is expected that the majority of all work-related files are stored within the officially provisioned departmental Shared Drives. This is the default and primary method for storing files to ensure business continuity, proper data ownership, and collaboration.
Personal Drive Use & Exceptions: Storing general school documents in an individual's My Drive should be limited to working copies and drafts. Once documents are deemed as ready for use, they should be moved to the appropriate departmental Shared Drive. The only exceptions are for specific cases involving highly sensitive data that requires restricted access. Use of My Drive for school files is by exception only and does not replace the Shared Drive mandate.

Shared Drive Structure

Each department and work unit will be provisioned with two dedicated Shared Drives to clearly segregate information based on its intended audience.

Internal Drive

This is the primary drive where all day-to-day operational files and data are to be stored.

Purpose: For all documents related to internal departmental and cross-departmental work.
Examples: Curriculum plans, internal reports, administrative documents.
Access: Restricted to members of the department or specific internal project groups.
Sharing: Limited to members of Korean International School. Sharing with «Korean International School» should be avoided as it shares files with everyone irrespective of whether they are staff or students. Departments should instead use specific sharing groups or target audiences.

External Drive

This drive is designated for files that must be shared with individuals or organizations outside of the school.

Purpose: To provide a controlled and auditable environment for sharing information with external parties.
Examples: Vendor contracts, parent communications, event information for external partners, documents for accreditation bodies.
Access: While stored here, files should still be shared on a need-to-know basis using specific user permissions rather than public links whenever possible.
Sharing: Sharing with external parties is permitted. Sharing with «Anyone with the link» should be strictly avoided for sensitive school data. Whenever possible, sharing should be done using specific external Gmail accounts.

Roles and Responsibilities

All Staff

Store all work-related ready for use files exclusively in the appropriate departmental Shared Drive.
Adhere to file and folder naming conventions to ensure clarity and searchability.
Manage sharing permissions appropriately, especially for files in the “External Drive”.
Avoid storing personal or non-work-related files in the school's Google Drive environment.

Department Heads

Oversee their department's Shared Drives to ensure they remain organized and compliant with this policy.
Manage access to Shared Drive membership as staff roles change.
Ensure new staff members are briefed on this policy and granted access to the necessary drives.

IT Department

Provision and manage all Shared Drives and top-level folder structures.
Conduct periodic, non-intrusive audits of the Google Drive environment to ensure policy compliance.
Provide training and support to staff on proper file management practices.

Policy Enforcement

Compliance with this policy is essential for the school's operational security and efficiency. The IT Department will perform regular audits. Non-compliant files (e.g., sensitive school data stored in personal drives without authorization) may be moved to the correct location or have sharing permissions revoked. Repeat non-compliance may be reported to the relevant Department Head for follow-up.