Posted by: Robert Davis
Conduct Code, Due Care, Due Diligence, Employment Practices, Information Assets Protection, Misappropriation of Assets, Safeguarding Assurance
Usually, it is easier to purchase an automated solution addressing IT control practices than to change an entity’s culture. Nevertheless; even the most secure system will not achieve a significant degree of protection if utilized by “ill-informed, untrained, careless or indifferent personnel.” Thus, all entity employees should be instructed in practicing due care and due diligence of information assets. Furthermore, a well structured IT function, staffed with appropriately qualified individuals, forms the foundation for high-quality performance and is the basis for providing positive safeguarding assurance to interested parties.
“View Part I of the Effective Employment Practices for Protecting IT series here“