A good, strong, simple and encompassing Policy and Standards Framework and document set provides a mechanism for an organisation to define its expectations around the control and security of its systems, data and people and how those expectations are to be met within specific technologies.
•Covers the processes by which policy and standards documents are developed, adopted, updated and retired
•Assessment of Information Security Policies against recognised industry best practice and international standards (ISF, PCI, ISO, NIST)
•Support in the adoption of a new policy suite including education and awareness
•Ensuring standards support policy statements
•Assessment of business against existing or new policies or standards