How to Get IT Security Compliance Under Control Fast
Have you tried to implement a comprehensive information security framework like ISO 27001 or COBIT but nobody is doing what they are supposed to do? A lack of accountability in the workplace is often the main reason.
Compliance with an ISO 27001 or COBIT-based IT Information Security Strategy Requires Accountability
Making the decision to get serious about information security and to use a comprehensive information security framework like ISO 27001 or COBIT is a big first step. However, allocating the resources necessary to make it a reality and actually executing the process to become compliant in all areas is a major achievement.
The Biggest Obstacle – Lack of Accountability
Once defined, ongoing compliance with a comprehensive information security strategy requires:
- Unequivocal senior management support to enforce cross functional policies and processes,
- Disciplined project management to make sure things get done, and
- A strong culture of accountability in the workplace to make sure nothing falls through the cracks.
The biggest obstacle to ensuring ongoing IT security compliance is most often a weak culture of accountability. Management support and project management efforts will do no good if people are just not completing the tasks assigned to them. Especially when these tasks do not clearly relate to their day-to-day job and what they are being evaluated on.
More Than Just Project Management
If all other elements are in place (i.e., IT information security framework, policies, procedures, roles and responsibilities, etc.) then a quick fix to drive accountability in the workplace is to begin tracking task completion performance at the individual and team levels. Once this information is properly managed, tying it to the individual’s performance evaluation or incentive processes will close the loop to make sure things get done.
An accountability tool like CommandHound, build from the ground up to drive accountability in the workplace, is a great addition to any task or project management tool. In addition to being a task management and project management tool, CommandHound adds 3 significant features:
- Escalation and rerouting of tasks when they are not completed on time as expected
- Tracking of completion performance at the individual level to understand and reward on time completion of milestones
- Management by exception to maximize management’s time by displaying on a dashboard the areas that are falling behind where attention is immediately needed
Drive IT Security Compliance
If you have already made the sizable investment to rollout a comprehensive IT information security strategy using a framework like ISO 27001 or COBIT, wouldn’t you like to see this investment payoff?
Would you like to learn more about how CommandHound can help you drive accountability in the workplace to make sure things are getting done, on time, every time?