S 2.18 Inspection rounds

Initiation responsibility: Building Services, IT Security Officer

Implementation responsibility: IT Security Officer, Building Services

A safeguard can only be as effective as its actual implementation. Inspection rounds are the simplest way to examine the implementation of safeguards and to check whether all regulations and instructions are being followed.

The purpose of the inspection rounds is not to find violators in order to punish them. The inspections should serve primarily to eliminate any mistakes detected as quickly as possible (i.e. to close open windows, store documents left in the open, etc.). Finding the causes of the mistakes detected and avoiding them in the future is a secondary objective of the inspection rounds.

The inspection rounds should by all means be performed during office hours and should be used to inform the employees about the reasons for the regulations. This helps all persons involved to see the inspections rounds as an aid rather than as a form of patronising.

Review questions:

• Are inspection rounds performed in order to examine the implementation of safeguards?