Effective Policies

Organisations must have published, accessible, clear, unambiguous, age appropriate policies that state their policy with respect to Internet access, monitoring, blocking and the consequences for violations.

Policies should be regularly reviewed and updated when necessary.

This policy documentation forms the basis of user education, IT / Security Department enforcement (firewall policies, logging and monitoring), Human Resource or Safeguarding monitoring and escalation.
These policies also need to be compliant with current legislation, including data protection legislation, respecting privacy and other rights of users.

Awareness training must also be regularly provided for all users in this regard, keeping the ‘audience’ up to date with the organisations position and policy changes in a timely manner..

Organisations often acquire boiler place policies, have someone edit them a bit and then someone else review them a bit. This is clearly not effective for these important documents that could end up as a part of decisions being made by a magistrate or judge against your organisation.
Competent, subject matter experts should be responsible for policy production and review within an organisation and have at least some legal training or knowledge.
Even where qualified legal staff are present or available they will need to collaborate with leadership and subject matter experts to get it right and reflect the organisation’s values and objectives within the required legal framework.

Products and services we can provide:

Consulting:- Review and recommendations of policy and related documentation in areas of our subject matter qualification.