Tamworth Borough Council delivers ISO27001 using NETconsent

Tamworth Borough Council provides services to its 77,000 strong population, under the aegis of the wider reaching Staffordshire County Council. Its remit includes housing, the environment and finance, with its priority being the improvement of the economy and the wellbeing of the community. With a roster of 400 full-time members of staff and up to 100 casual workers, it is vital that all members of the council are fully updated on policies and procedure, in order to make that goal achievable.

It was the striving for adherence to the ISO27001 standard in the years 2008/09 that led Derek Bolton, Corporate Information Security Manager at the council, to seek out a solution to the organisations particular policy delivery needs. Seeking a provider that could ensure the demonstration of best practice for the councils Information Security Management System (ISMS) was critical, NETconsent won out over the competition by virtue of product capability, cost-effectiveness and accessible interface, enhancing and simplifying the user experience. In using NETconsent, the council’s proactive approach is manifestly apparent to the accreditors commented Derek.

Tamworth Borough Council employ NETconsent over a broad reach of departments. It is utilised by Housing, ICT, HR, Payroll and Finance, as well as by the Internal Auditing division. Where it is essential that current legislation is complied with, NETconsent provides compliance in response to the particular requirements of each department. Whether it is the rapidly evolving rules relating to Payroll, the regulatory framework of social housing requirements or compliance with the PCI-DSS standard in the Finance department, NETconsent has the situation safeguarded.

In Derek's opinion, the two applications invaluable and used most widely at the council are the Policy Manager and Assessor functions. Policy Manager creates legally valid proof of employees having seen, understood and agreed to policies. Assessor analyses employees's feedback and attitudes, at Tamworth this is used primarily in relation to the delivery of Health and Safety questionnaires.

Staff awareness is an essential component of reducing risk and comprehensive training ensures procedural compliance across the board. Previously, it was incumbent on Derek to undertake the bulk of the training duties. NETconsent facilitates the targeted deployment of policies, enabling the acceptance of policies at the desktop. This saves time and money on learning schedules, aiding delegation, with others now able to take the lead on training. NETconsent has the capability to deliver policies and procedures, produce multi-level reports and also to observe trends, which is an excellent indicator of where more training might be required. This reduces the prospect of leaving the council exposed. Apace with this, NETconsent offers continuing support and superb training, commented Derek.

Regarding accessibility, as technology evolves, Derek foresees that an agile working environment will take increasing precedence over the traditional PC base. NETconsent is evolving along these lines, understanding the needs of delivering to non-traditional users”, commented Derek. NETconsent provides Tamworth Borough Council with the means to maintain consistently high data security standards across the organisation in a cost-effective manner. The partnership between the two organisations is ongoing, lasting far beyond purchase and initial implementation.