Your homework assignment for this column is to locate your IT department’s Configuration Management policy, and find out how Security can benefit by getting compliant with this existing company policy. IT can help you do this, and when initial costs are involved, IT can provide business-case support because they already know these practices save money in the long run. That’s one reason such practices are company policy.
For the IT folks, it would be a welcome change to have an individual business function such as Security approach them to learn about their policies and ask for help in getting compliant! It is one way to start Security/IT collaborations off on the right foot.
There are often a dozen categories of IT policy, standards, practices and procedures that apply to physical security departments and their systems technology. They can include: how to use network resources; password policies; procurement practices; pilot testing; asset management; maintenance policies and lifecycle planning; compliance; and more.
Write to Ray about this column at ConvergenceQA@go-rbcs.com. Ray Bernard, PSP, CHS-III is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities. Mr. Bernard is founder and publisher of The Security Minute 60-second newsletter (www.TheSecurityMinute.com). For more, go to www.go-rbcs.com or call 949-831-6788. Mr. Bernard is also a member of the Content Expert Faculty of the Security Executive Council (www.SecurityExecutiveCouncil.com).