OCEG recently announced poll results from a One Minute Poll about Policy Management.  In their poll, 429 members replied to the following question:

How do you primarily manage lifecycle of internal policies, procedures and guidelines?

  • 32% use an internally developed database or intranet system
  • 24% have no formal structure
  • 18% use file folders or centralized network drive
  • 14% use document or policy management software
  •  8% track changes in Word
  •  4% use other methods


Lessons learned:  Bad guys already know what the results from this poll clearly reveal…People are an organization’s weakest links.  As long as 86% or more of organizations continue to use status quo methods that provide little or no accountability and little or no auditability to ensure situational awareness at the individual level, organizations will be vulnerable to attacks, mistakes, lawsuits, fines and disconnects that have a negative (potentially significant) effect on their bottom line.