This is despite the fact that the Sexual Offences Act 2003, which came into force in May this year, provides relatively clear guidance on the tricky management question of how to deal with potentially illegal images of children found on company networks.
Until recently, IT professionals and managers risked prosecution for viewing these images, even when in the course of the day-to-day management of electronic networks and services. This is the result of the Protection of Children Act of 1978, which prohibits the "taking or making" of an indecent photograph or pseudo-photograph of a child.
"Making" includes the situation where a person downloads an image from the internet, or otherwise creates an electronic copy of a file containing such a photograph or pseudo-photograph. To be an offence, such "making" must be a deliberate and intentional act, with knowledge that the image made was, or was likely to be, an indecent photograph or pseudo-photograph of a child.
But the recent Sexual Offences Act made an amendment to the 1978 law by creating a defence to a charge of "making".
A defence is now available where a person "making" such a photograph or pseudo-photograph can prove that it was necessary to do so for the purposes of the prevention, detection or investigation of crime, or for the purposes of criminal proceedings. A person accidentally finding such an image also has a defence to that act of making.
In effect, therefore, the Act protects those IT professionals who may need to "make" or download and then store potentially illegal child abuse images as evidence, in order for the content to be assessed by either law enforcement or a named relevant body, such as the Internet Watch Foundation.
This is not a defence, however, for the random, casual, or deliberate viewing of child abuse images under any circumstances.
Details of the specific circumstances under which IT professionals could claim a defence under the new legislation are due to be published later this month in a Memorandum of Understanding between the Association of Chief Police Officers and the Crown Prosecution Service.
Research carried out by telemarketing firm Blue Donkey, and published yesterday by the IWF, found that of the 1,000 senior IT management professionals questioned, the overwhelming majority were not aware of the legal implications, liability and responsibility around internet use and especially potentially illegal images of children viewed or held on their networks.
This is despite 63% of the respondents, or their systems staff, regularly viewing internet sites or content for internal monitoring/regulation purposes.
Ninety percent of respondent companies had an acceptable internet use policy in place, but less than 65% had a specific policy for dealing with potentially illegal indecent images of children. Six percent of participants, senior IT management, didn't know if there was a company policy in place or the potential consequences for an individual employee, if such images were found.
Nevertheless, according to the research, 86% of respondents said that corporate social responsibility was "very important" to their organisation.
"It is vital that any organisation providing internet access to employees understands how to deal with these types of images," said Peter Robbins, CEO of the IWF. "Their policies must be in line with current UK legislation and internal procedures should be clearly and regularly explained to staff, including consequences for transgression."
"The relevant law and guidelines are freely available from our website, so there is no valid excuse for not handling this type of content appropriately," he added.