Corporate reputations 'at risk' with inflexible security policies
UK organisations are ‘deluding themselves into a false sense of security’ by applying inflexible and over rigid policies and processes: so says a survey of 98 UK organsations by the National Computing Centre and legacy migration software firm Erudine.
The survey - 'Protecting Corporate Reputation and Brand, the role of people culture and technology' - was conducted during August and September 2008 by the National Computing Centre. It consisted of two Web-based questionnaires with senior IT professionals from 98 private and public sector organisations in the UK; one to investigate the People and Culture aspects and the other focused on Technology solutions.
The survey aimed to find out whether enterprises are effectively addressing the challenges of Corporate Governance and balancing those pressures with the need to improve business performance and promote innovation. It found that:
- 80 per cent of senior managers in the UK’s larger organisations ‘circumvent organisational policies in the interests of local expediency’.
- Of the 80 per cent, 41.1 per cent do ‘what they feel is appropriate’ to get the job done, with 26.7 per cent having devised their own work-around processes, and 8.9 per cent frequently take short cuts.
- 34 per cent thought organisations policies a burden to adhere to; in contrast less than 20 per cent never overrode organisational policies.
When asked ‘What the potential effects on their organisation’s brand could be if processes were being overridden?’, 70 per cent of respondents cited ‘loss of reputation’ and ‘loss of customer confidenc’e, while 42.2 per cent identified ‘regulatory fines’; only 12.2 per cent thought circumventing internal processes would lead to a drop in share price.
Those working for smaller organisations were more likely to consider their policies and procedures as a hindrance. By contrast only 39.4 per cent think they gain a high degree of flexibility and interaction by adhering to organisational policies and procedures.