November 16, 2023
IT policies act as a roadmap for navigating the constantly evolving technology landscape. They provide a framework for addressing challenges, ensuring compliance, managing risks, and harnessing the benefits of emerging technologies while maintaining stability and security within an organisation. A selection of examples of the role IT policies play include...
October 05, 2023
When drafting IT policies, aligning the content with best practice guidance helps to ensure that your organisation operates securely, efficiently, and in compliance with relevant regulations. It also positions your organisation to effectively adapt to changing technology landscapes and emerging threats.
September 06, 2023
Developing and maintaining IT policies can be challenging. However, with a proactive approach, commitment from leadership, allocation of resources, clear ownership of policy management, a culture of security awareness, and compliance within the organisation, the challenge can be met. Conducting regular reviews, and providing training programs and ongoing communication are key elements of a successful policy development and maintenance exercise.
July 19, 2023
Generative artificial intelligence (AI) systems are increasingly being used at work and home, with a view to increasing productivity, being more creative and making better data driven decisions. Managing the risks of using generative AI is a hot topic and should be front of mind for organisations, some steps worth taking are:
June 01, 2023
Local Digital is a community of organisations working together on a shared vision: to deliver more user-centred, cost-effective local public services through open, collaborative and reusable work. Research previously conducted by Local Digital identified that local authorities in England don’t have a clear baseline “standard for cyber security”.
April 13, 2023
The maintenance and upkeep of IT policies is typically driven by changes in business requirements, the adoption of new technology, changes in best practice standards, or increasingly a cybersecurity incident. In some of these examples policy maintenance and upkeep work may not be too significant however, when it comes to changes in a standard the work to review and edit policy wording to ensure it is aligned with the updated guidance can be significant.
March 15, 2023
IT Policies play a key role in building and developing cyber resilience. In trying to address IT policy requirements using in house resources, many organisations find the exercise to be laborious and costly to deliver, and a struggle to complete the exercise. Once policies have been approved and are in circulation, they need to be kept up to date and maintained by their respective “owners”. The frequency of policy maintenance will vary but it’s typically driven by changes in business requirements, best practice guidance or legislation.
February 02, 2023
With the release of the PCI DSS v4.0 standard Protocol Policy Systems initiated an upgrade exercise for IT Policy Management as a Service to reflect the changes. PCI DSS v3.2.1 will be retired as at 31 March 2024 at which point PCI DSS v4.0 will be the only active version of the standard. PCI DSS v3.2.1 is valid until 31 March 2024 to allow organisations time to understand the changes in version 4.0, update their templates and forms, and apply the necessary changes to meet the new requirements.