Table 7 Proportion of all enterprises with a formally defined ICT security policy and different ways of making the staff aware of their obligation, by employment groups and area of industry. 2010. Per cent

7 Proportion of all enterprises with a formally defined ICT security policy and different ways of making the staff aware of their obligation, by employment groups and area of industry. 2010. Per cent
	Formally defined ICT security policy with with a plan for regular review	The ICT security policy addresses the following risks			The enterprise is using the following approach to make staff aware of their obligations in ICT security related issues

		Destruction or corruption of data due to attack or by unexpected incident	Disclosure of confidential data due to intrusion, pharming, phishing attacks or by accident	Unavailability of ICT services due to attack from outside	Compulsory training or presentations	By contract, e.g. contract of employment	Voluntary training or generally available information

All enterprises with 10+ employees	46	42	38	33	38	43	48

Employment groups
10-19	40	36	31	27	36	38	42
20-49	48	45	40	33	37	43	49
50-99	60	57	53	47	45	55	61
100+	75	71	67	62	50	71	75

Industry
Manufacturing (NACE 10-33, 35 and 36-39)	46	42	37	32	32	44	45
Construction (NACE 41-43)	35	32	25	19	26	27	36
Trade with and reparation of motor vehicles (NACE 45)	53	47	44	36	32	44	58
Wholesale trade (NACE 46)	56	54	47	44	45	53	56
Retail trade (NACE 47)	48	41	37	35	53	46	57
Transportation and storage (NACE 49-53)	39	37	33	29	26	37	36
Accomodation and food service activities (NACE 55-56)	32	28	22	18	28	25	27
Information and communication (NACE 58-63)	60	58	55	49	39	61	65
Financial and insurance activities (NACE 64-66)	95	94	90	84	72	92	80
Other business services (NACE 68-82 and 95)	55	50	47	39	45	54	55