“Employee Usage Policy for Organization's Information Systems and Assets”
INTRODUCTION
The aim of this study is to analyze and prepare an employee usage policy for an organization’s information systems and assets. This study will highlight the basic description of the organization. This basic description of the organization includes the mission or the business of the organization, the number and types of employees, the role of information technology in the business along with other description related to the organization. Furthermore, this study will also focus on discussing and evaluating the ethical, moral and legal implications of the employee usage policy devised along with the alternative usage policy.
ORGANIZATION’S DESCRIPTION
Mission Statement
The mission statement of the company is
“To provide the customers with innovative vehicles related products to fulfill their needs and wants at the right place and time. To ensure growth through better customer service, quality and commitment”
Being a medium sized organization, the approximate number of employees working for the organization is 150. The organization is centralized; this indicates that all the authority and span of control lies with the top management whereas the employees follow the instructions provided to them. Being a retailer of vehicle related products the organization has permanent staff along with contractual staff. The organization has different staff for each of the department. Some of the departments include Store operations (i.e. cashier and sales receiving), Marketing (i.e. public relations and promotions), Merchandising (i.e. planning, buying and inventory control), Human relations (i.e. recruitment and training), Finance i.e. (transaction records, credit and accounting) and Technology (i.e. information technology).
Other Descriptive Information
Since the company is of medium size, the company operates in limited locations. The company aims to provide the customers with the vehicle related products at competitive price and provide the customers with an additional service i.e. supplying the product to the customer’s home.
ROLE OF INFORMATION TECHNOLOGY
For an organization that provides its customers with vehicle related products, information technology plays an important and crucial role. With the help of advancing technology, the organization has enabled to establish its own website. With such technology, the customers can purchase products from the store online and the payment would be done on delivery. This has helped to provide the customers with the products at the right time and place according to their needs (Kim & Lee, 2006).
EMPLOYEE USAGE POLICY
According to a research conducted, it has been found that on average 64 percent of the employees waste one hour or less at work while 14 percent waste 3 or more hours each day at work. This is the core reason for the organizations to develop and prepare an employee usage policy as employees are paid for their time at work rather than wasting time (Nolan, 2005).
One of the major reasons for the organization to implement employee usage policy would be to track and monitor IT assets along with computer security reasons (Simmers, 2002). The employee usage policy for organization’s information systems and assets is as follows;
Restricted Technologies
In order to reduce the inappropriate use of information assets some of the technologies of the organization would be restricted to employees (Whitman, 2003). The restricted technologies would include;
- Installation of wireless network as it may cause the business to be exposed to a number of security and privacy risks.
- Peer-to-peer software as the business is operating in a cut-throat competitive environment; the employees should be restricted to use any software that could lead to security issues.
- Web camera and internet email accounts, this is to limit the exposure of the organization to the external threats. This would allow the business to secure its inventories.
- Social media websites so that the employees can concentrate on their work rather than wasting work time on social networking websites.
- Personal USB devices/ Flash Devices or any other external hard drives to secure the confidential information from being exposed to the rest of the world.
Business Use and Monitoring
In order to ensure that the business is operating at its optimum level, the employees’ usage of computer would be monitored with the help of software that would allow the employer to keep track of its employee’s use of internet. It has been found that browsing the internet often leaves malware, viruses and spywares that can reduce the efficiency of the business. In addition, such viruses compromise the private data of the business and reduce the performance of the computers which leads to disturbance at work (Rustad & Paulsson, 2005).
In order to reduce such issues, the activities of the employees would be monitored when considered appropriate by the employer.
Access Control Policy
In order to prevent the confidential information regarding the assets and data to be revealed, the organization will provide certain employees with the right to have access to such information. Under extreme circumstances additional employees would be provided with the access to such information but with certain restrictions so that the information could remain confidential and secured.
Since the employer is responsible for its employees, it is essential that the employees working for the organization adhere to follow the instructions provided to them (Siponen, Pahnila, & Mahmood, 2007). Use of unlicensed software can lead the employee to face penalties for the use of such software for copyright infringement.
The work would remain the property of the company and the employee is not suppose to use, show or reveal the confidential or any data related to the organization to any other person. The organization can take legal actions for the misconduct of the employee and can terminate the employee based on disciplinary actions.
Inventory management
It has been observed in many organizations that the employee use assets of the organization for personal use which is unacceptable. By keeping in touch with the personnel regarding the assets of the organization, the employer would be able to reduce the personal use of assets by the employees.
IMPLICATION OF THE POLICY
In this section, the implications of the policy devised are going to be discussed. Some of the implications of the policy are as follows;
Ethical
The ethical implication of the employee usage policy is that the employees are being paid for the work they do and not for the time that employees usually waste in work hours. It is ethical to devise such policies that could restrict the use of information technology and other assets of the organization through which the employees are familiar with. It is wise to provide the employee with an insight that their use of information technology and organization’s asset are being closely monitored and can lead the employer to take disciplinary actions against the misuse of the assets of the organization.
Moral
Even though that the worker’s privacy might be diluted, but it will allow the organization to keep its employees work to be enhanced to great extent. By reducing the use of illegal software by the employees, the organization would reduce the risks of copyright infringement and could help the employees to understand the risks of such acts (Pahnila, Siponen, & Mahmood, 2007).
Legal
The legal implication of the policy would include the copyright infringement of software that might put the business and its employees at risk. As per the federal law, copyright infringement is a crime and since the employer is responsible for its employees, the organization might be at risk. In addition, the compromise of confidential information regarding the organization and its assets could lead to direct dismissal of the employees. Furthermore, the employees would be considered responsible for such act and legal actions could be taken against the employee from the organization.
This dimension of the policy is quite important for the organization as it reduces the risk of any unethical and illegal act that could put the organization’s survival on the line. This aspect of the policy is useful for the organization as it keeps the employee working for the betterment of the organization by following the rules and regulations accurately (Kim & Lee, 2006).
CHOICES MADE IN PREPARING THE POLICY
For an organization that aims to provide innovative vehicles related product through the use of internet, choices had to be made for the creation of policy that could lead to enhanced performance and productivity of the employees (Kim & Lee, 2006). Some of the choices that were made during the preparation of the employees’ usage policy for the organization’s information technology and assets are as follows;
- Restricting the technology was the initial choice so that the organization could enhance its performance. Such a policy had to be made so that the employee could focus more on the work than wasting his/her time on social networking sites. This choice comes under the legal type as any employee found violating the rules and regulations gives the organization a right to take legal action against the employee.
- Business use and monitoring comes under the legal and moral type. As this policy reduces the employee wastage of time and enhanced performance, the organization can eliminate all the unnecessary risks. Being aware of the moral and ethical implication of the policy, the employees work harder and smarter so that the organizational goals could be met effectively. Furthermore, the behavior of the employees also changed with such policy at work.
CONCLUSION
It could be said that for an organization to enhance its performance and to accomplish the desired goals and objectives, the organization should develop and implement employee usage policy. With such policy at work, the employee would tend to work harder and smarter to achieve the goals and objectives of the organization.
With such policy, the organization can reduce the number of hours wasted by the employees and could work towards the enhancement of performance of employees.
References
Jarvenpaa, S. L., & Staples, D. S. (2000). The use of collaborative electronic media for information sharing: an exploratory study of determinants. The Journal of Strategic Information Systems, 9(2), 129-154.
Kim, S., & Lee, H. (2006). The Impact of Organizational Context and Information Technology on Employee Knowledge‐Sharing Capabilities. Public Administration Review, 66(3), 370-385.
Nolan, J. (2005). Best practices for establishing an effective workplace policy for acceptable computer usage. Information Systems Control Journal, 6, 32.
Pahnila, S., Siponen, M., & Mahmood, A. (2007, January). Employees' behavior towards IS security policy compliance. In System Sciences, 2007. HICSS 2007. 40th Annual Hawaii International Conference on (pp. 156b-156b). IEEE.
Rustad, M., & Paulsson, S. (2005). Monitoring Employee E-mail and Internet Usage: Avoiding the Omniscient Electronic Sweatshop: Insights from Europe.University of Pennsylvania Journal of Labor and Employment Law, 7.
Simmers, C. A. (2002). Aligning Internet usage with business priorities. Communications of the ACM, 45(1), 71-74.
Siponen, M., Pahnila, S., & Mahmood, A. (2007). Employees’ adherence to information security policies: an empirical study. New Approaches for Security, Privacy and Trust in Complex Environments, 133-144
Whitman, M. E. (2003). Enemy at the gate: threats to information security. Communications of the ACM, 46(8), 91-95.