There are two interesting policy findings,
- Majority of businesses (77 percent) have security policies in place.
- More than half of the employees surveyed admitted that they do not always adhere to corporate security polices.
So, what are the reasons for it? In my view there are many possibilities,
- Policies are not defined correctly
- Users are not able to understand it
- It is not aligned with the business processes
- It does not have management's and business leader's buy-in
- It is not communicated properly
- There are no monitoring mechanisms in place to verify compliance
- There are no action taken in case of policy violations
No comments:
Post a Comment