Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

Effective Policy Enforcement Involves Technology

Michael Rasmussen | October 30, 2012

I find that ineffective and unenforced policies are rampant within organi­zations, and are a thorn in the side of compliance and policy managers.

Mismanagement of policy has grown exponentially with the proliferation of documents, collaboration software, file shares, and Websites. Organizations end up with policies scattered on dozens of sites with no defined understanding of what policies exist and how they are en­forced. An ad hoc approach to policy management allows anyone to create a document and call it a policy—exposing the organization to unnecessary liability. Policies end up being written poorly, out of sync, out of date, exceptions are not documented, and the organization has no evidence if the policy is enforced.

Document-centric approaches to poli­cies—that lack technology to manage communication and enforcement—are a recipe for disaster. While it appears easy and cheap to just use documents and send them out via e-mail, or post them in a file-share or...

Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.