Sometimes organisations reach a point when they know they are going to have to do things very differently in order to achieve desired outcomes. Whatever the goal, change management principles are an important tool for moving from a current to some other desired state, and enabling the achievement of strategic objectives.
Security Practitioners implements clients’ change management programmes around five key principles.
An effective change blueprint
There is a high level of confidentiality associated with the work that we do. However, we are happy to provide references where appropriate.
Recognise the role of human error Our work recognises that, regardless of the quality of strategies, plans and technologies, information security breaches frequently stem from human error. Such incidents can have a very significant impact, as regular negative media stories illustrate.
A very fluid employee base Today’s organisations have a diverse and complex employee base with a constant flow of joiners, leavers and movers. In addition to global and local permanent staff, this includes third parties such as contractors, consultants, service providers, joint ventures and temporary staff. Organisations cannot transfer liability for due care of information assets, so information security strategic goals need to encompass all these groups.
One size does not fit all All organisations are different and so no single solution can suit them all. We develop bespoke change management models that are in tune with employee profile and organisational culture.
Backing from senior management Successful change management programmes need support from the Board and senior management. Leaders who are committed role models are key to instilling a new culture across the organisation. We focus on raising awareness and understanding at this level. Priorities include improving appreciation of the risks vs. rewards benefits and the challenges involved in implementing a holistic information security programme.
Security Practitioners offers organisations a number of modular information.
Security Practitioners offers organisations a number of modular information security awareness programmes. They can choose from these services, as and when they are needed, to tie in with specific organisational priorities, developments and events. On-line services can be used as standalone modules or in conjunction with change management components.
Some clients need a more tailored information change management programme. We work on-site to capture and link business and information security drivers; maximise employee awareness, understanding and commitment; and minimise risk.
There has been a lot of interest in our awareness programmes aimed at increasing senior management’s understanding of information security.
Sometimes organisations reach a point when they know they are going to have to do things very differently in order to achieve desired outcomes.
Security Practitioners Ltd (Registered Company No 7500410)