Bezpečnost ICT ve vnitřních předpisech a školení zaměstnanců
ICT Security in the Internal Regulations and Training of the Employees
Author(s): Pavel Loutocký, Kamil MalinkaSubject(s): Law, Constitution, Jurisprudence, ICT Information and Communications Technologies
Published by: Masarykova univerzita nakladatelství
Keywords: control of the employee; internal regulations; internal instructions; employees‘ obligations; internal security; training of the employees;
Summary/Abstract: The target of this article is to present the proposal, progress and the results of the experiment, which aimed to find out how company employees respond to the situations that are defined within the internal security policy. In this context, we are focused in the beginning on the legal aspects related to the general control of the employees using internal regulations and instructions of the employer to present related legal framework, which should be a necessary basis for effective compliance with internal regulations of the employer. We define the very concept of the internal regulations and its requirements (in contrast with internal instruction); then we present relevant decisions of the Czech courts. This should serve for better understanding of the mechanisms and instruments with which the employer can control its employees in the performance of their work. We will then put general legal framework in the context with the results of the experiment. The purpose is thus to verify the hypothesis that although the law provides the requirements for the control of its employees, it is just a general framework (which is not a priori wrong), but in practice, it often leads to inadequate and vague regulation of the issue and it does not cover whole area. In practice, very important question connected to the implementation of the employer’s instructions is how to present the information to the employees, who are required to behave in accordance with the security policy (as it is shown in our experiment) or generally in coherence with internal regulations and instructions of the employer. Such issue is not reflected in detail by the legal framework. The experiment took place in the branch of the company located in Brno, Czech Republic, which is focused on software development. The company has about 300 employees. One of the interesting findings was amongst the others that the training videos were inefficient for staff training, and vice versa there was visible positive effect of personal approach.
Journal: Revue pro právo a technologie
- Issue Year: 7/2016
- Issue No: 14
- Page Range: 45-64
- Page Count: 20
- Language: Czech