Definition

clean desk policy (CDP)

A clean desk policy (CDP) is a corporate directive that specifies how employees should leave their working space when they leave the office. Most CDPs require employees to clear their desks of all papers at the end of the day.

In the past, implementation of a clean desk policy was at discretion of the management. Employees at companies like UPS, for example, have adhered to a CDP for years because the culture established by founder James Casey encouraged employees to strive for order, to keep their offices free of clutter and to present outsiders with an impression of professionalism and competence. Today, CDPs are increasingly being motivated by information security compliance regulations such as ISO 27001 and the Data Protection Act.

To be effective, a CDP should be in writing with clear instructions for what actions the employee is supposed to take. Like an acceptable use policy (AUP), the CDP should be a signed contract that outlines what is expected of the employee, what is expected of the employer, who is responsible for monitoring the success of the policy, how monitoring will be done and what the consequences will be for policy non-compliance.

Typically, employees are responsible for clearing their desks when they leave the office at the end of the day and employers are responsible for providing access to a paper shredder and storage space. The office manager or the employee's supervisor might be tasked with checking the office at the end of the day and confiscating or destroying any folders, papers or portable storage media an employee might have left out on their desk. Consequences for policy non-compliance could be anything from a verbal warning to a monetary fine, according to the specifications of the policy.

Although a CDP helps protect sensitive corporate and client data assets by limiting exposure to external parties (such as cleaning staff), it can hamper the work of employees who use visual controls to do their jobs. 'Visual control' is a term that grew out of lean production. It simply means that proprietary information needs to be displayed in full view for everyone to see. A visual control may be something that needs to be physically manipulated, like an agile programming scrum chart, or something that has too many components to be stored easily at the end of each day. In such cases, a CDP for compliance can still be carried out by grouping employees who use visual controls together in one office and making the employees in that office responsible for physically cleaning their workspace (vacuuming, dusting, taking out the trash) so outsiders are not given the opportunity to view corporate or client information.

This was last updated in January 2010
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchMidmarketSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: