Security Basics mailing list archives
RE: How to distribute corporate policies
From: "Robert D. Holtz - Lists" <robert.d.holtz () gmail com>
Date: Fri, 13 Oct 2006 15:52:39 -0500
Make sure you have the blessings of HR and you have let your attorneys stretch their suspenders. If you don't make the person sign something indicating that they have read and understand the procedures and policies set forth in the document that they have just read then you're just wasting your time. If someone violates a policy and there is no proof that they knew about the policy then you don't have much of a case. You don't stand much of a chance of going after them legally. Sure, you can still fire them for whatever reason, but the damage is already done if it has set the company back fiscally. HR should be the group to do the actual distribution. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Nick Duda Sent: Thursday, October 12, 2006 11:59 AM To: security-basics () securityfocus com Subject: How to distribute corporate policies I'm curious as to how other corporations distribute its InfoSec policies to its employees. A task I will be faced with soon is distributing (making known) corporate policies such as Acceptable Use, Password, AntiVirus....etc. For them to abide by policy they need to know about them. Should they also sign them? That would be a lot of paper, or should they just be placed on an intranet type of setup to view. If that's the case (intranet) what are methods of announcing them and future new policies as they are written, email? I'm looking for opinions and how others do this. Regards, Nick --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- How to distribute corporate policies Nick Duda (Oct 13)
- RE: How to distribute corporate policies Robert D. Holtz - Lists (Oct 15)
- RE: How to distribute corporate policies {Scanned} Josh Redmond (Oct 15)
- <Possible follow-ups>
- Re: How to distribute corporate policies krymson (Oct 13)
- RE: How to distribute corporate policies Hagen, Eric (Oct 15)
- RE: How to distribute corporate policies Dickman, Jeff (Oct 15)