Monday, September 21, 2009

Using Technology to Enforce Policy (Key #6: Effective and Consistent Program Enforcement) - Highlights of chapter 18 of Information Nation 2e

Organizations should anticipate the kinds of Information Management program violations they are likely to face, and how they will address such violations when they occur. A helpful exercise is identifying those policy elements that can be enforced “automatically” through proper configuration and management. The term “automatically” is used with caution, as all technology, no matter how advanced or sophisticated, still relies on humans for its proper configuration and management, even if it is as simple as just “flipping a switch.”

Although new and powerful enterprise auditing and monitoring tools are continuously being developed, it is simply not feasible to automatically track and enforce each employee’s compliance with Information Management policies and procedures. While it is technically possible to create log files and other “electronic trails,” which show how employees have been using company systems, it is another matter having the tools, people, and time to make sense of all that information.

Read about examples of how policies can be enforced “automatically” with technology, while others require manual intervention, in the second edition of Information Nation, available from John W. Wiley & Sons. For more information, see

Comments? Contact the author at

No comments: