IT Assurance: Tackling the User Awareness Challenge at Merthyr Tydfil Council

By Tara Hutton

August 4, 2009

IT Assurance: Tackling the User Awareness Challenge at Merthyr TydfilMerthyr Tydfil Council take a best practice approach to IT Assurance.  Leading the way in the Government Connect Code of Connection programme, they became the first local authority to achieve CoCo Compliance, and are working towards ISO 27001.  

The experienced IT team at Merthyr realise that gaining CoCo accreditation is only the beginning of the IT Assurance challenge; sustaining those standards required to maintain compliance and deliver best practice IT Governance won’t be easy, particularly in the area of user awareness.  Traditional methods of communication, such as email and corporate intranet, cannot be relied upon to deliver on requirements such as regular risk assessment, verifiable communication with all staff, and most importantly, demonstrating due care.  In light of this,  Merthyr Tydfil Council have deployed MetaCompliance Advantage, a specialist compliance automation tool from Baronscourt.  Ryan James, IT Security Manager at Merthyr Tydfil, explains why the council chose MetaCompliance:

“The solution that MetaCompliance provides will assist Merthyr Tydfil County Borough Council to achieve accreditation in ISO 27001 and maintain accreditation with GCSx CoCo. The product is very user-friendly, and meets the authority’s requirements by assisting us to communicate policies and raise awareness of ICT Security. From pre-sales to implementation, we have found the staff at Baronscourt to be professional and knowledgeable, and we look forward to developing our continued working relationship.”

MetaCompliance will deliver a number of key benefits to Merthyr Tydfil’s IT Assurance programme:

  • Sustainable user awareness of IT Governance policies, procedures and processes;
  • The ability to elicit a response from all users, including 3rd parties and non electronic users, allowing for an inclusive compliance picture in a timely manner;
  • Real time risk assessment and measurement of organisational IT Assurance posture in line with ISO 27001;
  • Dynamic, situational awareness of IT Governance procedures at the times when users most require it;
  • The ability to prove due care to 3rd party auditors and regulators with a secure repository for IT Governance audit information
  • The automation of repetitive and tedious IT Governance processes that are often prone to human error.

 Yesterday’s security awareness won’t prevent data leakage or support the data protection and business continuity needs of the future. The development of an effective information risk management culture requires an ongoing, inclusive, automated user awareness programme, only then will local authorities be able to maintain best practice IT Assurance. 

If you wish to find out more about the MetaCompliance suite of products, please contact Baronscourt on 0207 917 9527.

Home     More Baronscourt Stories     Search News

More...


Next Steps...


Sorry, we’ve missed your call, please leave a message and we’ll call you back. Find us on Google Maps Microsoft Certified Partner - Windows 7 Compatible
Read more Test drive Read more Test drive Read more Test drive Read more Connect with us on Facebook Connect with us on Twitter Connect with us on Linked in Connect with us on YouTube Connect with us on our News Feed