Are companies these days really sure that their security policy is really secure? I think not. Can CIOs improve their policies and win the active support of management and staff?
Gary Lynch and Karen Avery of Booz Allen Hamilton think so. Using a fictitious pharmaceutical company that is struggling to enforce its security rules, they apply the DMAIC process (define, measure, analyze, improve, control), to troubleshoot and improve its security policy.
XYZ Pharmaceuticals has to protect some vital information: drug patents, clinical trial patient data, and a new diet pill. CIO “Jane Doe” is worried that the organization’s security policies are being followed. Her fears were founded. Someone squealed that XYZ would soon announce a new drug. This prompted CIO Jane Doe to deploy Six Sigma. How did she do it?
Read more How to Improve Your IT Security Policy: A Six Sigma Approach
