Information Policies in Organizations

The information age has brought slightly rapid changes to the ways in which businesses conduct day to day operations. Although this motion to electronic commerce has resulted in extraordinary advantages in terms of urge on and cost-effectiveness of business, it also presents brisk challenges in the workplace. The information that is available to everyone on the internet, and much curiously to individuals within an boldness is far greater now than it was exactly a few years ago.Despite the obvious advantages of this forward try of technology, it creates a severe problem with control of information. Whereas organizational information in the past would typically follow a formal chain of didactics or an informal office converse network, it bath now be passed around the world in milliseconds over the internet. Implementing and maintaining a set of checks and balances to find out that netmail and other means of electronic communication ar give only in an acceptable manner t rick prove to be a difficult, time-consuming and costly endeavor.Therefore it is critical for any organization to establish policies and procedures for dealing with these problems in order to en certain(predicate) the association is not faced with a liability problem for the diffusion of indecent, harassing or defend information. A good starting point for an organization to try to minify exposure to these sort of problems is by defining what is and what is not acceptable intake of goods and services of e-mail and other office communication systems. Policies and procedures can then be developed around this translation. Acceptable utilization is defined as the use of e-mail and other go with information systems for business purposes.The policies and procedures regarding acceptable use essential be in writing and be communicated to all the employees of the organization. A written policy should include some of the following the key elements which are necessary for a typical or ganization entering the information age. get what is and is not appropriate use of partnership communication systems. This definition moldiness be congruent with other troupe policies. For example, it should outline what is considered to be wicked or harassing material and the policy should clearly stir that the company lines of communication are not to be used to distribute this sort of material.Furthermore, this definition should be all-inclusive in that it moldiness cover all types of potential drop problems from discrimination, to individuals individualized information rights. The reason this is so critical is because this definition allow for form the framework of the companys information policy and will therefore be the critical legal element which stands to prevent these potential problems and serves to nurse the company from liability should problems occur regardless of existing policies.In order to protect the company further from exposure to legal action, the forma l policy must also include the procedure that employees can follow should their rights be infringed upon. not only should victims of e-mail harassment or discrimination be encourage to enter forward and report the problem, they must also be sensible that the company will not let such action assume the employee in any negative way. Otherwise the organization is leaving themselves uncivil to allegations of covering up or failing to follow through on employee complaints.The policy must earth that such reports will be unploughed in the strictest confidence and that victim is free to report an incident to mortal other than their direct supervisor if necessary. Generating the confidence necessary for someone to come forward with allegations of harassment involving misuse of company information systems can be improved by clearly stating in the company policy that separately complaint will be investigated thoroughly. Although the previous policies may foster nudity with regard to reporting problems in the organization, they do not do a great deal to prevent the problem.Therefore it is crucial that the policy state the legal implications for everyone involved in such an incident. This portion of the policy should state that victims will be free from retaliatory actions from management and other employees and that those responsible for(p) for investigation will keep all information as overconfident as possible and conduct the investigation as objectively as possible. Most importantly however, the consequences for those who are disgraced of causing the problems must be clearly outlined.Prompt and decisive disciplinary action should be administered as soon as anyone in the company is found guilty of wrongdoing. It would be foolish for management to expect that such a policy would free the organization from minor complaints or even large scale equity suits resulting from information systems misuse. It is necessary for organizations to educate their employees on the proper use company communication systems and it is best to do this at the initial orientation mannequin of an employees career.Since most companies hire on a continual basis, it would be leaden to train new employees using a standard lecture method. The use of programmed instruction and computer based homework can help to take over this problem through the use of pre-programmed software specific to the companies needs. This sort of training would save time by introducing new employees to standard procedures such as logging on and conducting daily communications.Computer based training can also make reference to company policy and procedure including rights of victims and consequences of those guilty of misuse. A self-administered computer based training program can be developed using standard office applications such as Microsoft mathematical function and can be generated by a knowledgeable user in just a few days. This type of training program must be supplemented by a hardcopy of standard rules and procedures for use of company e-mail and also include a copy of the companys policy as antecedently outlined.Each new employee would be required to complete the self-administered training program and to sign a copy of the companys polices and procedures before receiving e-mail authorization. Once in place, this programmed instruction can be further modified to include guidelines for storing categorize documents and messages. Certain information that is passed through company information lines is not mean to go outside(a) of the organization and it is important for management to make sure all employees are aware that they are responsible for protecting company information.Computer based training can also teach new employees how to manage their e-mail files so that important messages are stored in a received file in which only that employee can access with their personal password. It is very difficult to ensure all employees follow e-mail polices and procedures, particularly if the companys computers have internet access and can sent e-mail to outside organizations from within the company.Periodically reminding staff about the sensitive nature of company information and frequent changing of passwords can help to prevent distribution of important information to those with no need or right to the information. In the case of highly sensitive documents, it is possible to arrange communication networks so that the important documents or data can only be accessed on certain computer terminals. This will allow the company to install firewalls, which can be useful for guarding the integrity of the information.