Is anyone reading the Information Security Policy?
Added: (Wed Jan 05 2005)
Pressbox (Press Release) -
For IT professionals frustrated by the ever increasing security breeches caused by employees who have not read the security policy, Cetis Ltd has developed KT Accept policy communication software.
Designed to minimise the time and effort associated with communicating polices, procedures and bulletins, KT Accept is fully customisable and includes a powerful, user-friendly learning management system (LMS). The LMS automates monitoring and evaluation to ease policy management and administration.
The ability to reinforce messages and test understanding is a core aspect of the software. IT managers write their own key learning points and questions to ensure compliance. The test results are presented in multiple reports for assessment of awareness and to identify where remedial training is required.
“Human error rather than flawed technology is the root cause of most security breeches,” reports PWC & the Department of Trade & Industry. “The best policy in the world is useless if no one knows about it. New employees should be briefed on the policy when they join. Existing employees should be informed about changes in policy in an efficient manner,” continues the report.
Adrian Woodcock, Cetis Managing Director, explains, “KT Accept has three primary benefits. It makes effective policy communication easy. It saves the time and cost of fixing problems caused by employees who have neglected to read the information security policy. Finally, it gives IT departments an audit trial to comply with the increasingly complex regulatory environment.”
The software is suitable for Sarbanes Oxley section 404 and 302 compliance. For 404 compliance, KT Accept provides complete evidence of everyone who has read, understood and accepted all policies or procedures. On section 302, the software is a tool for reporting any concerns.
The system is flexible and can be integrated into existing systems. It operates on a network, intranet or the Internet. Alternatively, there is a managed service version to unburden overstretched IT departments.
KT Accept shares the highly successful KT e-learning platform, which has over 270,000 users, including 60% of police forces, government and leading financial institutions.
ENDS
Notes
• Adrian Woodcock is a registered consultant for ISO 17799 and still regularly trains and advises companies on achieving the standard.
For further information please contact Jonathan Jackson at Cetis Ltd. Telephone: 0116 255 5401. Email: jonathan.jackson@cetis.co.uk, Web www.cetis.co.uk