Case Study

Review and update ICT Policies

Client Details
  • Regional Council
The Challenge(s)
  • Outdated ICT policies that are not suitable for the current ICT environments
  • Policies need to be written in a consistent and easy to understand way so that all staff can follow them
  • Time constraints, needed to provide core policies within a short timeframe
  • Lack of a Cyber Security strategy or risk assessment methodology
The Solution
  • Review current ICT Policies and identify requirements to revise and update them in alignment with the NSW State government guidelines
  • Draft Risk Management Policy, Cyber Security Policy and other related policies while taking into consideration the state and capabilities of current systems.
  • Workshop policies with stakeholders and ensure that there is a clear understanding of the responsibilities and inherent tasks that need to be carried out to meet the policy requirements.
  • Finalise and present policies to council for approval.
  • Propose a program of works and solution requirements that need to be added to the ICT Strategic Plan.
What did we learn?
  • The key lesson learned is to keep the policies as effective and practical as possible buy keep them simple to follow by all staff.
  • Internal discussions and review of the ICT Policies should be carried out as part of the councils Security Awareness training.
Share on facebook
Share on twitter
Share on linkedin
Share on email