Security Policy forms the basis of an organisation’s Information Security strategy and is an essential requirement for ISO 17799 / BS 7799.
It provides evidence of the management direction and support for Information Security, defines responsibilities, and enables an organisation to specify the procedures in place to protect its important information assets.
Based upon the basic information security principles of Confidentiality, Integrity and Availability, it enables an organisation to clearly define its approach to security and its responsibilities under criminal law as well as statutory, regulatory and contractual requirements.
Our consultants have many years of experience in the field of Security Policy development, from comprehensive Information Security Policy documents to more specific User Guidance documents.
