29 Jul 2010 | Last updated Monday 5 July 2010 at 14:33 | Subscribe to our feed
Home | ICT security policy review

ICT security policy review

Client name: 
Salisbury District Council
Salisbury District Council has strategically integrated and improved organisation-wide understanding of ICT security following an independent review by Socitm Consulting. The review supported the Council in establishing a corporate ICT security policy in line with its ICT strategy and in promoting ICT security procedures across the organisation in accordance with current standards and best practice.

 

The project issues
The Council’s ICT strategy committed it to developing a comprehensive ICT security policy as part of achieving ISO 17799 compliance. However, no specific ICT management or security policy statement existed, making it difficult for ICT management and security procedures to be understood and implemented across the organisation. Socitm Consulting was asked to review the Council’s ICT security policy requirements, to produce an ICT Security Policy, to make recommendations for the management of the policy once adopted, and to assist in its implementation.

The Socitm Consulting solution
Interviews with key Council staff from the audit, HR and ICT departments established that the Council already had a number of policies and procedures in place, but that there was no complete written ICT policy document to encompass these.

Socitm Consulting produced an ICT Security Policy, cross-referenced with existing Council policy and procedure documents, which fully integrated ICT security with current ICT and Information Management strategies, policies and procedures. A key element was the promotion of best practice ICT security procedures across the organisation. All staff were advised to read, understand and accept the policy, and procedures for the HR department were clarified in the event of staff not abiding by the security policy.

The benefits to the client
By providing expert assistance in integrating a written ICT security policy within the wider ICT strategy, Socitm Consulting was able to support the Council in clarifying its existing information security procedures and implementing and managing them across the Council. The existence of a written document enabled staff quickly and easily to understand ICT security procedures and provided a foundation for the promotion and management of ICT security in the organisation.

Project identification
Client organisation: Salisbury District Council
Client contact: Les Wright, Head of ICT, Tel. 01722 434259, lwright@salisbury.gov.uk
Lead consultant: christine.westlake@socitm.gov.uk
Project no: 6061

  | Tags: Information assurance, Shire districts, South West, Security management

Related items

You may also be interested in these items

Copyright © 2009 Socitm Consulting Ltd. All Rights Reserved

 

Powered by Drupal and Drupal Theme created with Artisteer by Andy Grant

Designed by Boilerhouse.co.uk