Does this have to be mutually exclusive?
I think my biggest confusion and disagreement about what has been said or implied in the article and earlier responses is why a detailed policy is mutually exclusive with conducting layman education with users.
As others have pointed out their responses, policies covering the essential scope and purpose for company resources protect the organization in legal and disciplinary settings. However, the kind of proactive (or more importantly, interactive) education of the company leadership?s views on appropriate computing in the workplace is not mutually exclusive to having a complete written policy.
I argue that comments like users should keep up to date with IT guidelines without coaching is a lackadaisical position to take as an IT department. Giving a concise summary of the changes at regular intervals in smaller servings is a more palatable alternative that encourages understanding and compliance. Following up with engaging user education and demonstrations also reinforces the value of IT policies and provides a feedback mechanism for users to critique new and existing policy for the better.
