How to create an IT Policy for your business

By • July 5th 2016

How to create an IT Security Policy

Having clear defined rules about use of IT in your business sets out what your employees can and can’t do when they are at work. By formally documenting these boundaries means:

  • Productivity is maximised – staff are doing what they should be doing and reducing the need for disciplinary action or dismissal
  • It will protect your customers
  • Avoid illegal acts by your employees ensuring your business doesn’t end up in court

With the increased popularity of social networking sites may employers having to write up or update their existing policy to provide guidance to employees as to what is expected of them. A typical IT policy would cover:

  • Email and internet use
  • Software use
  • Data protection – if you store personal and sensitive data about your customers, you employees will need to adhere to data protection rules
  • Security
  • Working from home
  • Using Portable Company Devices (and USB memory sticks)

The first step in formulating your IT policy is to look at what could go wrong and think how this could be prevented. It’s always a good idea to speak with your employees when formulating your policy, it helps to gain their support for the final policy which is a good thing for your business and for them.

Formulating an IT policy can be quite time consuming therefore a HR consultant might be able to provide a cost-efficient solution that is fully tailored to your circumstances.
In addition, there are plenty of free templates available to download from the internet to give you a starting point, but these are generic documents so may not be appropriate to your requirements or business. Acas provide a comprehensive guide on how to write a social networking policy.

To ensure that your employees understand why you are implementing an IT policy (to protect both them and your business). It’s better to call a short staff meeting to explain why the policy is being introduced and talk your staff through its key requirements and distribute the policy at the meeting, also if any employee doesn’t understand something it gives them the opportunity to ask questions. It’s also a good idea to leave a copy of the policy in a place that is accessible to all, such as the staff room. Whenever, a new member of staff joins they too should be issued with the policy.

As with all your policies and procedures it’s a good idea to review these on an annual basis and make any changes as necessary, but make sure any changes are communicated to your staff and an explanation given if needed. It’s also a good idea to invite staff feedback if any problems are encountered while working with the policy.

Janet Tonks: Client Services

Let Synium make your IT simply better

Contact the Synium team on 0121 663 0203, or via email to
let us offer you a free IT Security review and let us help you make your business more secure:


Subscribe to the Synium Blog

Receive our latest blog posts direct to your inbox.

Email *


Contact us


0121 663 0203


Instant Support:

Click Here


Brannan Phillips House
Shallowford Court
94-96 High Street
Henley in Arden
B95 5FY