Gartner Blog Network

Has ‘you must obey the law’ ever actually worked?

by Jay Heiser  |  June 19, 2012  |  Comments Off on Has ‘you must obey the law’ ever actually worked?

Its not that I am categorically against the idea of law, but I am convinced that your typical corporate counsel is more motivated by personal convenience than by a sense of organizational proportion.

I recognize why virtually every organizational IT policy has the requirement “you must obey the law”, but I question the utility of it. 

Has there EVER been a documented case in which an organization managed to protect itself by placing this bit of legal voodoo inside their end user or acceptable use policy? Has there EVER been an example of a company that actually could NOT discipline an employee who significantly broke a law through some IT-related activity, just because they had not proactively taken the time to write a generic policy against illegalities?

I’d love to see some case law on this one.

Category: policy  risk-management  

Tags: law  legalism  policy  

Jay Heiser
Research VP
6 years at Gartner
24 years IT industry

Jay Heiser is a research vice president specializing in the areas of SaaS and public cloud risk and control. Current research areas include SaaS governance, cloud provider transparency and digital business risks.Read Full Bio

Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.