Security Policy

Policies are established to shape and influence behavior to ensure consistency and legality in conducting business and pursuing the goals of your organization. Policies become formal when they are committed to writing and published. Formal policies are important because of the growing propensity for litigation concerning employment relationships and product and service problems. In addition to being guidelines for practice and behavior, formal policies provide a certain measure of legal protection. Policy is also a fundamental part of the preservation of confidentiality, integrity, and availability of information resources. Policy also forms the foundation against which an audit may be performed.

PCI Policy
Standard set of policies and procedures that meet the requirements of PCI DSS v 1.2.

HIPAA Policy
Set of policies and templates that cover all aspects of the HIPAA Final Security Rule.

Enterprise Policy
Information security policy based on security standards such as ISO 17799:2005 and industry best practices for information security.