Professional Documents
Culture Documents
Clean Desk Policy
Clean Desk Policy
Security Division
Version 1.0
Date: 2010-02-01
Revision History
Document Approvals
Page | 2
DIT SECURITY DIVISION
Table of Contents
1.0 Definitions……………………………….…………………………………………….4
2.0 Overview …………………………………..…………………………………………..4
3.0 Purpose …………………………………..…………………………………………….4
4.0 Responsibility ………….……………..………………………………………………..4
5.0 Scope…………………………………..………………………………………………..4
6.0 Actions…………………………………………………….……………………………5
7.0 Enforcement ……………………………………………………………………………5
8.0 Violations……………………………………………………………………………….5
9.0 Associated Policies…………………………………………...…………………………6
10.0 Policy Governance………………………………..…………………………………6
11.0 Review and revision…………………………………………………………………7
12.0 Enforcement queries and comments……………………...…………………………7
13.0 Exceptions …………………………………………………………………………..7
Page | 3
DIT SECURITY DIVISION
1.0 Definitions
2.0 Overview
The purpose for this policy is to establish a culture of security and trust for all government
of Botswana employees. An effective clean desk effort involving the participation and
support of all government employees can greatly protect paper documents that contain
sensitive information about our clients, customers and vendors. All employees should
familiarize themselves with the guidelines of this policy.
3.0 Purpose
The main reasons for a clean desk policy are:
A clean desk can produce a positive image when our customers visit the
company.
It reduces the threat of a security incident as confidential information will be
locked away when unattended.
Sensitive and confidential documents left in the open can be stolen by a
malicious entity.
Reduction in stress with employees having a tidy desk
Reduction in workplace accidents and spills.
4.0 Responsibility
All staff, employees and entities working on behalf of the government of Botswana are
subject to this policy
5.0 Scope
The purpose of this policy is to ensure the proper use of Government offices are free from
possible data and information theft and make all users aware of what government deems as
acceptable and unacceptable office management. This policy applies to employees,
Page | 4
DIT SECURITY DIVISION
At known extended periods away from your desk, such as a lunch break, sensitive working
papers are expected to be placed in locked drawers.
At the end of the working day the employee is expected to tidy their desk and to put away
all office papers. The government of Botswana provides locking desks and filing cabinets
for this purpose.
6.0 Action
Consider scanning paper items and filing them electronically in your workstation.
Use the recycling bins for non-sensitive documents when they are no
longer needed.
Lock your desk and filing cabinets at the end of the day
Lock away portable computing devices such as laptops or PDA devices
Treat mass storage devices such as CD, DVD or USB flash drives as
sensitive and secure them in a locked drawer (refer to Removable Media
and Data Transfer Policy)
7.0 Enforcement
Any employee found to have violated this policy may be subject to disciplinary action, up
to and including termination of access privileges into the GDN. Heads of sections should
see to it that this policy is put into practice.
8.0 Violation
These regulations apply subject to and in addition to the law. Any violation of these
regulations may also be subject to penalties under civil or criminal law (Cybercrime and
Computer Related Crimes Act, 2007) and such law may be invoked by DIT. Use of the
Page | 5
DIT SECURITY DIVISION
The Government reserves the right to inspect any Government item owned ICT equipment.
Any equipment deemed to be breaching policy or otherwise interfering with the operation
of the network may be removed.
Infringements of this policy may be investigated under the Government’s appropriate
disciplinary procedures. Associated sanctions (with approval from Director, Permanent
Secretary or Permanent secretary to the President) may include:
Page | 6
DIT SECURITY DIVISION
13.0 Exceptions
Any exceptions to this policy will require written authorization. Exceptions granted will be
issued a policy waiver for a defined period of time. Requests for exceptions to this policy
should be addressed to the Director of the Department of Information Technology (DIT).
Page | 7