Effective Polices & Procedures are crucial for successful security strategies.
Policies & Procedures are crucial to implementing an effective data security strategy. They should be viewed as the glue that holds all aspects of data security together, without effective Policies & Procedures (P&Ps), each aspect of data security would be a collection of disparate parts.
This is why VigiTrust believes it is imperative that organizations are provided with effective P&Ps which suit their business strategy as well as corporate security strategy. VigiTrust have developed over sixty classes of polices to address each aspect of data security.
VigiTrust has developed the 5 pillars of security framework on which its P&Ps are based. Each of the following areas are addressed: Physical Security, People Security, Data Security, IT Security and Disaster Recovery & Business Continuity.
For policies to be effective, they must reflect the organizations’ specific requirements. VigiTrust pays special attention to tailoring its Polices to match organizations’ strategic requirements and ensures they comply with the relevant legal and industry frameworks that apply.
VigiTrust has developed a four step process for both selecting and tailoring the Policies & Procedures required each organization.
The Policies & Procedures employed by VigiTrust are based on data security best practice, taking in to account ISO27001 and PCI DSS. In addition they are based on VigiTrust’s extensive experience in helping clients become compliant with one or more data security standards. VigiTrust has learned from working with auditors, which Policies are not only effective but are also likely to be accepted by official auditors.
For more information on the importance of P&Ps and for some detail on the P&Ps provided by VigiTrust, read Ensuring IT Policies&Procedures Comply with DSS.