Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

IT Security policies not backed up by adequate fulfilment processes.

NETconsent : 27 July, 2007  (Technical Article)
NETconsent survey reveals that whilst IT security policies exist in a large number of organisations, the ability to implement these policies is hampered by inadequate processes.
NETconsent has announced new research showing that professionals are risking their reputations by accepting Information and Communication Technology (ICT) policies without understanding the documents they are agreeing to.

The poll, undertaken by NETconsent and The Federation Against Software Theft, highlights that 94% of members have ICT security policies in place at work, of which almost two thirds (60%) are updated at least once a year. While this is encouraging news, it is nullified by the fact that more than three quarters (77%) of respondents do not have a process in place to ensure these policies are understood.

With just under half (44%) of respondents claiming that they lacked confidence in their colleagues understanding of ICT policies, organisations are increasing the risk of policy breaches. 40% of respondents admit that they have had to initiate disciplinary procedures as a result of a member of staff breaking ICT policies. The costs of such occurrences can escalate quickly; nearly three quarters (70%) of associated costs are spent on putting a case together and attending disciplinary hearings; diverting attention from other more strategic human resources (HR) functions.

Dominic Saunders, NETconsent's Operations Director, says: "It is surprising that such a high proportion of respondents have concerns surrounding their colleagues' understanding of policies yet still don't have a process to educate and test policy recognition. Effective policy management is fundamental to managing risk and improving compliance."

"Increasingly organisations are looking for practical ways of managing the policy management lifecycle to cut administration costs and protect themselves against litigation. Policy management tools like NETconsent, are fast becoming an essential application for those serious about demonstrating best practice and exemplary corporate governance."

"IT compliance is a legal requirement', states John Lovelock, Director General of The Federation Against Software Theft. 'All Board Members must take their responsibilities seriously to ensure that organisations are complying with the law. Policies are an important communication tool not only to educate users and remind them of their rights, responsibilities and the consequences of their actions, but also to protect them.'

Other Key Findings include:

Regular updates keep disciplinary hearings and tribunals down: Only 44% of respondents have an ICT policy that states how often that document should be reviewed and/or updated. Worryingly 10% of respondents would never update that document.

Annual check-ups: Although 60% of respondents update ICT policies on an annual basis, almost a third of respondents have dealt with a disciplinary case within the past year.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo