“From basic to complex, every organization should have and maintain an IT Security Policy. Straightforward, often simple guidelines for everyone in the organization to adhere to can enhance data security, prevent confusion and increase productivity.”
– Patrick Torney – eDot
The following article written by: Compass IT Compliance
Policies and Procedures are two of the words that most employees dread to hear, especially when it comes to IT Security. Why does this phenomenon occur? Is it because people do not want to be told what to do? Is it because people feel as though they are being “micromanaged” when they have to abide by and comply with policies and procedures? The answer is that it is probably a little of both and for many other reasons that are unique to each specific company. The next obvious question is why do we need to have IT Security policies and procedures? Well, there are many reasons and here are the top five reasons, in no particular order:
- They address threats.
- They engage employees.
- Who does what, when, and why?
- Who gets access to what.
- Who gets access to what.
These top five reasons are explained in more detail in this informative article.