POLICIES AND STANDARDS

If policies and standards are not easily accessed, understood, and maintained, then what good are they?   
     

Home

Every organization must have a clearly defined and centrally managed IT security policy!  Policies address access controls, permissions, accountability, identification, authentication, and assurance from an information technology (IT) security perspective.  Centrally managed policies and standards ensure that mechanisms used to enforce security requirements are cognizant of each other and work well together.  We offer, in a content-rich and ready-to-publish web site, comprehensive security policies and standards that comply with best practices - including ISO 27002/17799.  

Security Policy:  What is and is not  permitted during the operation of a system or application.  Policies are developed to control the actions of subjects and their behavior.

Security Standards:  Where policies focus on what is expected from global perspective, standards, through control objectives, specify how policies will be implemented or enforced.

Examples: 

 Information Security Policy  ISO Policy Compliance  Policy Implementation

 

WEB SITE CONTENT

BENEFITS
bulletEthics and Code of Conduct
bulletHuman Resources (HR) Requirements
bulletComputer/Network Access Control 
bulletAsset Protection and Incident Reporting
bulletMedia Control and Disposition
bulletClassification and Handling
bullet Traceability Matrix      
bulletClearly Defined Document for All Employees
bulletEmployees Will Know What is Expected of Them  (Note:  This can be accomplished via User-Certification).
bulletManagement's Commitment is Clearly Defined
bulletEstablish Level of Compliance and Reinforcement
bulletPolicy Statements compliant with ISO 27002/17799