Practical Information Security

Americas > Caribbean > Europe > Africa >Asia

Français | English | Español
Home
Managed Security
Strategic Consulting
Partnership
Corporate
News
Contact Us

Strategic Consulting

Intrusion TestsSocial EngineeringTrainingAwareness ProgramSecurity Policy
BCPDRPArchitecture ReviewForensic
Above Security > Strategic Consulting > Security Policy

Security Policy


An information security policy is a set of documents indicating the directives, procedures, policies and organizational and technical guidelines to follow, relating to information security and its management. It is a clear and firm commitment to protect the confidentiality, integrity and availability of the company's informational assets. The policy covers people, information, processes, technology and facilities. The development framework is consisted of laws, rules, policies, directives, standards, procedures and guidelines that govern the company.

Why implement an information security policy?

The information security policy enables you to define, realize, maintain and improve information security within the company against competition, maintain liquidities, profitability, legal conformity, regulations and the commercial image. It will enable you to answer, amongst other things, the following questions:
  • What is the importance of information security for our organization?
  • What is our top management's vision about information security?
  • How important is the safety of our critical application's data?
  • What are the necessary controls to protect our data?
  • Are our employees aware about information security risks and the proper ways to address them?
  • Do our employees know their responsibilities and duties with respect to the protection of our information resources?
Why choose Above Security?

Using various tools such as interviews, questionnaires and especially analyzing the company's documentation, our experts can assist you, according to your needs, in each of the following activities:
  • Establishing if security policies are appropriately designed, implemented and enforced in order to protect your organization's information.
  • Determining if the information security investment is proportional to your organization risk profile and business objectives.
  • Deciding the required data classification for your organization.
  • Identifying the personnel required for various aspects of the security policy, including the decisional and approval privileges.
  • Implementing a policy and procedure for the development and maintenance of your security policies.
  • Recognizing and determining the required awareness program to educate your employees on relevant aspects of security policy.

Download

Download our Information Security Policy brochure

Contact

Contact us to discuss our Information Security Policy offer

White paper

Risk Management Standards Applicable to an Information Security Management System

Home | Managed Security | Strategic Consulting | Partnership | Corporate | News | Contact Us
© Copyright 2008 Above Security