Browse Definitions :
Definition

clean desk policy (CDP)

A clean desk policy (CDP) is a corporate directive that specifies how employees should leave their working space when they leave the office. Most CDPs require employees to clear their desks of all papers at the end of the day.

In the past, implementation of a clean desk policy was at discretion of the management. Employees at companies like UPS, for example, have adhered to a CDP for years because the culture established by founder James Casey encouraged employees to strive for order, to keep their offices free of clutter and to present outsiders with an impression of professionalism and competence. Today, CDPs are increasingly being motivated by information security compliance regulations such as ISO 27001 and the Data Protection Act.

To be effective, a CDP should be in writing with clear instructions for what actions the employee is supposed to take. Like an acceptable use policy (AUP), the CDP should be a signed contract that outlines what is expected of the employee, what is expected of the employer, who is responsible for monitoring the success of the policy, how monitoring will be done and what the consequences will be for policy non-compliance.

Typically, employees are responsible for clearing their desks when they leave the office at the end of the day and employers are responsible for providing access to a paper shredder and storage space. The office manager or the employee's supervisor might be tasked with checking the office at the end of the day and confiscating or destroying any folders, papers or portable storage media an employee might have left out on their desk. Consequences for policy non-compliance could be anything from a verbal warning to a monetary fine, according to the specifications of the policy.

Although a CDP helps protect sensitive corporate and client data assets by limiting exposure to external parties (such as cleaning staff), it can hamper the work of employees who use visual controls to do their jobs. 'Visual control' is a term that grew out of lean production. It simply means that proprietary information needs to be displayed in full view for everyone to see. A visual control may be something that needs to be physically manipulated, like an agile programming scrum chart, or something that has too many components to be stored easily at the end of each day. In such cases, a CDP for compliance can still be carried out by grouping employees who use visual controls together in one office and making the employees in that office responsible for physically cleaning their workspace (vacuuming, dusting, taking out the trash) so outsiders are not given the opportunity to view corporate or client information.

This was last updated in January 2010
SearchNetworking
  • network packet

    A network packet is a basic unit of data that's grouped together and transferred over a computer network, typically a ...

  • virtual network functions (VNFs)

    Virtual network functions (VNFs) are virtualized tasks formerly carried out by proprietary, dedicated hardware.

  • network functions virtualization (NFV)

    Network functions virtualization (NFV) is a network architecture model designed to virtualize network services that have ...

SearchSecurity
  • Domain-based Message Authentication, Reporting and Conformance (DMARC)

    The Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol is one leg of the tripod of internet ...

  • data breach

    A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed or disclosed in an...

  • insider threat

    An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.

SearchCIO
  • data privacy (information privacy)

    Data privacy, also called information privacy, is an aspect of data protection that addresses the proper storage, access, ...

  • leadership skills

    Leadership skills are the strengths and abilities individuals demonstrate that help to oversee processes, guide initiatives and ...

  • data governance policy

    A data governance policy is a documented set of guidelines for ensuring that an organization's data and information assets are ...

SearchHRSoftware
SearchCustomerExperience
  • recommerce

    Recommerce is the selling of previously owned items through online marketplaces to buyers who reuse, recycle or resell them.

  • implementation

    Implementation is the execution or practice of a plan, a method or any design, idea, model, specification, standard or policy for...

  • first call resolution (FCR)

    First call resolution (FCR) is when customer service agents properly address a customer's needs the first time they call.

Close