Tackling new corporate governance requirements head on

Benefits achieved for Wigan Council

• Cutting Cost

  Wigan Council has automated the process for managing policies saving resources and money.

• Reducing Risk

  Enhanced compliance and corporate governance practices have been established in line with Audit Commission recommendations.

• Improving Performance

  Real-time visibility of compliance status, ensures early identification and resolution of issues rather than waiting for a statutory audit.

ICT transforming government services

Local Government is being encouraged to use the Internet, both in the completion of day-to day operational activities and for service delivery to the public, by Central Government in Westminster. With this increased reliance on technology however, comes a responsibility to ensure that council employees are using it appropriately.

Peter Livesey explains, “Wigan is no different to any other organisation in the UK. The Internet is now a must-have resource for completing tasks and can be a valuable resource – as a result the amount of time our staff spend online has dramatically increased in recent years. So, however, has the burden for employers to ensure that it is not being misused by employees.” "We quickly realised that using a manual paper-based system for deploying, managing and auditing the AIU policy simply wasn’t viable."

Overcoming logistical and administrative challenges

This increase in employee Internet access has resulted in the development of Acceptable Internet Usage (AIU) policies across the public sector. These impress on employees the importance of adhering to corporate policies – and the sanctions that they face in the event of breaches. Managing the initial circulation of a new policy can be a logistical and administrative headache, especially in large organisations. Enforcing it and ensuring employee acceptance can also be a significant nightmare.

Wigan’s Livesey explains, “The authority has more than 4,000 regular PC users if you include Council Members, partner organisations like Wigan and Leigh Housing company and Wigan Leisure and Culture Trust.

We quickly realised that using a manual paper-based system for deploying, managing and auditing the AIU policy simply wasn’t viable.” It was at this point that Wigan looked for an electronic management system and found NETConsent.

Fulfilling audit requirements

Peter Livesey continues, “Our priority was to find a system that could ensure all employees understood and accepted the authority’s Internet usage policy before they were allowed to access the Web. We also needed a record of each user’s acceptance - both to enable us to fulfill our audit requirements and to give us evidence in the case of a breach. Being able to provide evidence that an individual was aware of, and accepted the policy strengthens our case and hopefully prevents the likelihood of disputes ending in employment tribunals.”

The NETconsent solution works by automatically presenting the user with a browser screen informing them of a change in a corporate policy, and giving him/her the opportunity to review and accept it. Depending on the privileges of each user, they can be given the option to bypass the policy and complete it later. If a user chooses to accept the policy they are required to verify their identity, electronically signing their action, by keying in their network password.

Peter Livesey explains, “This ‘signed’ acceptance is then stored in a secure central database. We can run exception reports periodically that tell us who has yet to accept the policy which enables us to send out reminders or restrict privileges as necessary.”

Improving compliance and corporate governance

“The ease and success of the AIU policy roll-out with WEBconsent then got us thinking. Could NETconsent, a wider application, actually help us to fulfil our broader compliance responsibilities?”

Local Authorities are currently facing huge changes to their corporate governance responsibilities. A report by the Audit Commission highlighted the potential benefits of using IT as a driver for meeting corporate governance requirements to all of its stakeholders. This included using technology to streamline manual processes, data management and to deliver service information to residents.

Before it implemented NETconsent for wider policy management, data storage and information management purposes, Wigan undertook stringent testing to ensure broadening its activities wouldn’t expose the council to increased financial or operational risks.

Viruses, hacking and sabotage are threats faced by any organisation using the Internet and can result in financial loss, invasion of privacy or the theft of information or systems if the necessary safeguards are not in place.

“Having satisfied our members that the Authority would not be exposed to additional risks from automating its policy management processes the decision was made to implement NETconsent more widely.” says Peter Livesey. “Printing, distributing, gaining approval and managing responses at an organisation of our size would require a huge amount of resource – both in terms of people and money.

“When we looked at the benefits of using NETconsent’s Enterprise Policy Management Solution for all of our internal policies we realised that the resource and money savings we could make was substantial. The money usually spent manually distributing, approving and managing updates to our policies could be better spent on service delivery.”

NETconsent has improved Wigan’s corporate governance practices considerably. Information is readily available to demonstrate the Authority’s compliance with its statutory obligations. The real-time visibility that NETconsent provides also means that in the case of noncompliance, remedial action can be taken immediately, rather than waiting for statutory audits to be completed before anything is done.

From risk mitigation to improved service levels

Peter Livesey sums up the success of their policy management initiative. “NETconsent did everything that Wigan needed and more. From our initial requirement to save the Authority time and money in the deployment of our Acceptable Internet Policy to improving our corporate governance activities, the system has impressed us at every turn.

“The software not only protects Wigan Council from the threats posed from inappropriate Internet use by members of staff, but also guards against unauthorised attacks from the outside world. It also means that existing resources can be redeployed undertaking the Council’s core activities – ensuring our residents continue to receive the highest levels of service.”