|
Initiation responsibility: IT Security Management Team
Implementation responsibility: Management, IT Procedures Officer
Now that IT is used widely, traditional work routines are undergoing a transformation which requires not only adaptation of organisational structures but also a change in the skills and competence of staff.
It is therefore not sufficient just to compile the necessary rules together from an objective point of view, but active steps must also be taken using didactic techniques to change the skills and competence of staff. IT security awareness promotion and training programmes can assist with this, but at the same time the opportunities presented by the new technologies should also be used to make the necessary information available at the workplace in a context-specific manner. With this objective in mind, the BSI has created an IT Security information desk ("Info Desk") which makes general information, key security policy statements and specific guidelines available online over a graphical user interface in the Intranet of an organisation.
A demo version of this "Info Desk" will be found on the CD-ROM for the manual (see appendix on Additional Aids, German version only). The application is designed so that it can be adapted to the particular circumstances of different agencies or companies. The BSI offers support with setting this up through a set of correspondence course lessons. Beginning with modification of the user interface to reflect the organisation's corporate identity, over a cycle of 18 months the organisation's own information security policy and specific IT security concepts are integrated into the Info Desk. The correspondence course lessons are sent out by e-mail, which is also used for experience sharing. Further information may be obtained from schulung@bsi.de.
Additional controls:
© Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
last update: October 2000 |