Information Security Policies
As organizations are adapting to new security measures, a revision of the internal IS security policies is necessary. The activities to undertake such an initiative can be summarized in 8 tasks as per table below.
|1||Review existing security policy and identify gaps||Ensure if readability of the policy is adequate for all stakeholders.|
|2||Research current methodologies and tools to implement an effective security policy||Review updated encryption and password construction mechanisms. Reorganize the policy for improved readability and ensure that each policy has control mechanisms.|
|3||Train internal team for readiness||Include security, disaster, data breach and drills in the relevant policies.|
|4||Obtain necessary budgetary figures||Build the necessary business case with associated risk for each budget line.|
|5||Prepare the executive team for the changes||Obtain the necessary executive buy-in and sponsorship to implement the necessary changes.|
|6||Set expectations||Clearly explain what risks are being mitigated and the effort required.|
|7||Set timeline||Set reasonable timelines whilst avoiding unnecessary rush and pressure on the various teams.|
|8||Prepare all organization for the changes ahead||Communicate, monitor and communicate again.|
The following handbook encompasses the most common security policies. Please reach out for a word document.