Open the newspaper, and you’ll find no shortage of stories about sensitive corporate information getting into the wrong hands. How can you ensure this doesn’t happen to your organization? Solid IT policies and procedures. They are critical components of an organization’s umbrella IT strategic plan and are designed to prevent serious operational problems. In general, security policy and procedures include assessing your organization’s assets and holdings, evaluating them against threats or risks for exposure and having the right tools and techniques in place to manage those threats and risks.