Establish accountability. If a person knows that there will be random security checks, he/she will be much more likely to self-check. It's human nature. Along the same lines, managers who create a compliance audit plan are more likely to follow up than those who do not.

Apply the rules to everyone. I have heard it said that managers who feel that the rules don't apply to them create the biggest risk to corporate IT security. In fact, the clearance held by top executives means that they are the greatest risk, and they should probably be even more careful (not less).

Be ready to take action. Treat security breaches with speed and commitment. You don't want to be overly punitive, but you also don't want to be a haven for scofflaws that aren't working with the rest of the company to keep everyone safe. More than likely, if you are prepared to follow through with those who are breaking policies, you won't have to.

Review your business practices at the slowest time in your annual sales cycle. The mere existence of this set of documents does not automatically improve practices. Policies and procedures only work if they are accurate, relevant, and known.

When teams work together, crimes are prevented. Well-written policies and procedures bring unity and understanding, keeping people and possessions safe. When security is breached in spite of the efforts, a well-thought out backup plan will ensure that the problem is resolved as quickly and as painlessly as possible. Far from being a distraction, when written with respect and participation, the development and implementation of policies and procedures has a positive effect on job performance, safety, and productivity.

Page 3 of 3 :: First | Last :: Prev | 1 2 3 | Next