S 2.37 Clean desk policy

Initiation responsibility: Head of Organisational Section; IT Security Management

Implementation responsibility: Staff members

All staff members should be encouraged to leave their desks "neat and tidy". An IT user does not only have to see to it that, when leaving his workplace, the appropriate arrangements have been made to prevent unauthorised persons from having access to IT applications or to data; but he must also just as conscientiously check his workplace and must ensure that no loss of availability, confidentiality or integrity will be entailed by any access of unauthorised persons to data media (diskette, hard disk) or to documents (print-outs). .

For short absences during working hours, it will suffice to lock the room; outside working hours, the workplace must be tidied up so that no media or documents requiring protection that are not locked away, will be left behind at the workplace.