ITAM Policy Compliance in the Workplace

In Featured Articles, IAITAM News You Can Use, IAITAM Quarterly by IAITAM

Why Practitioners Should Insist on Their Own Section of the Employee Manual

“Effective and true communication builds trust and trust is a core issue that must exist in order for business relationships to be successful.” –Barbara Rembiesa, President of IAITAM

An employee handbook, also known as an employee manual or company policy manual, is ubiquitous across the majority of for-profit and nonprofit organizations. However, one thing that is missing from a lot of them are policies regarding acceptable use of the organization’s IT assets.

The employee handbook typically starts with an outline of the organization’s mission, values, and goals. It then goes into employment procedures, such as compliance with laws, equal employment opportunity, and definitions. Main categories include standards of employee conduct, employee benefits, and compensation. There can be dozens of other categories depending on the organization’s needs. Those categories are then broken down into the details: fire prevention, dress code, confidentiality, physical security, holidays, insurance, jury duty, etc. Again, what is included depends on the organization.

Employees are instructed to read the manual, comprehend it, and then typically sign a document of understanding stating that they will abide by the terms and conditions. Breaking the rules results in consequences with varying levels of severity that depend on the nature of the offense. For example, an employee could be put on probation for coming into work late. Or, an employee could be fired for sexual harassment.

While most employee handbooks include rules about general behaviors such as theft, absence, and insubordination, few include mandates specifically about how to handle IT assets. This is something organizations should consider changing, because adding these policies has the potential to save a lot of time and money later. IT Asset Management policies need to be in the handbooks. This information should be provided at the very start of employment and continue to be communicated throughout the employee’s career in the organization.

Manuals reduce miscommunications. Miscommunications can sometimes occur when a message is delivered face-to-face or through an email. Employees can claim ignorance for their actions if those rules are not written down, and especially if there is no form to sign where they swear to abide by the rules. Manuals reduce miscommunications. Putting ITAM policies in an employee manual is a hopeful solution to better compliance. This accountability will only improve the effectiveness of the ITAM program in the organization.

Although it may be obvious that employees should not intentionally damage IT assets, some damage can happen by accident, such as knocking a phone off a desk or dripping coffee on a keyboard. Improper use of IT software assets also can result in bigger problems for an organization, such as audits.

Here are examples of what IT Asset Managers should include in an employee manual:

  • Employees should not install software on the organization’s computers
  • Employees should not use rogue assets, such as adding an extra monitor or a personal printer to their computer
  • Employees should go through a request process with the Help Desk and ITAM department to obtain software or hardware if needed

Dress code is important. Confidentiality is important. Physical safety, tobacco use, and holidays are important. All these topics should be addressed in the employee manual, but so should ITAM. Communicating with the staff of an organization can, ultimately, reduce risks. Those include the possibilities of incurring additional costs and failing an audit. Therefore, ITAM policies in an employee manual can save the company time, money, and prevent damage to an organization’s reputation.



View More ITAM News

Get the latest Industry News in your inbox every week!