Man and woman working on their devices Man and woman working on their devices Man and woman working on their devices

Case Study - Longreach Regional Council

Policy Management as a Service Implementation

About Longreach Regional Council

Longreach Regional Council is a Local Government Area covering 40,638 square kilometres in the state of Queensland, encompassing the communities of Ilfracombe, Isisford, Longreach, and Yaraka. The region is home to approximately 3,726 residents and serves as an economic and social hub, with key industries including cattle and sheep farming, as well as tourism.

The council's responsibilities encompass a wide range of services such as libraries, public facilities, planning and development, roads, waste management, water services, childcare, animal control and disaster management.

Background

The organisation has approximately 180 staff and has transitioned to running on Azure and Microsoft 365. The IT team has expanded from a team of two people to five, including a records officer. Aside from running the core cloud-based services, the team also manages a fleet of 113 mobile devices.

Challenges

The move to use Azure and Microsoft 365 marked a pivotal moment for council as it provided the foundations for modernising their IT operations. However, the move also highlighted the need for robust IT policies and clearer governance to ensure a smooth transition and long-term success.

“We were originally working in a Citrix environment with only two IT people and didn’t have our processes documented to the level we needed. We had a management directive that was out of date and needed to be refreshed as it still referenced obsolete systems and practices. As a result, staff lacked clarity on their roles, responsibilities, and expectations when it came to IT usage.” Comments Kimberley Dillon, Manager of Innovation & Business Improvement.

“So, before we commenced the transformation project, called ‘Project Shangri-La’, we wanted to make sure we had the governance right and in place before getting handed over the keys to our new environment.”

To address their challenges, the organisation reached out to other councils for guidance on standards management. It was through these discussions that council was introduced to Kaon Security and their Policy Management as a Service offering.

Solution

The Essentials version of Policy Management as a Service (PMsaS) provides a comprehensive solution that was tailored to the council’s needs and enabled them to efficiently update and streamline their standards. The content includes 25 key policies written in plain English and mapped to recognised standards such as ISO, PCI, and ASD Essential Eight. A range of supporting workflow functions help to manage the policy content and users of the service, examples being – stakeholder mode to capture feedback on policy wording, an acceptable use standard quiz to test user comprehension, automated policy review reminders to ensure content is reviewed on schedule, user awareness training – 8 videos, a process and procedures section, supporting forms, logs and guidelines content.

Benefits

“The way the content is categorised is great. It’s bite sized and easy to navigate, not just from the end user perspective, but also for managers and the technical team. The simple layperson’s explanations within each of the policies is especially useful and makes PMaaS really good value for money” Kimberley comments.

“It has also put rigour around the procedures that our IT Team apply and provides a bird's eye view of our standards landscape. The implementation of PMaaS helped us to develop a roadmap to guide our IT governance over the coming years”

“With the rapid pace of development of AI and other IT technologies, standards can often quickly become outdated. With PMaaS, we can keep up with these changes and maintain a best-practice approach to IT governance. We can also call upon Kaon Security’s sector expertise and best practice knowledge which is invaluable to an organisation of our size."

“It is still a work in progress, but PMaaS definitely has put us in a good position, and we know what we are striving towards. We have been telling everyone that will listen to us about PMaaS because we genuinely see the value there,” says Kimberley.

Leadership

To ensure successful adoption and understanding of the new standards, the organisation plans to re-induct all staff, placing a strong focus on the Acceptable Use Standard. They also intend to integrate a cybersecurity awareness training platform to reinforce secure behaviour and understanding across the organisation.

Contact Us Today

Fill in the form below or call us on +61 3 9913 3248 (VIC), +61 7 3194 3664 (QLD) or +61 2 9098 8206 (NSW)