Security Policy, Process and Procedures
Security policies and directives need to be in place and followed to protect your business. They should support your business requirements and mitigate risk without stifling employee productivity. To achieve this, PLA uses the ISO17799 security guidelines as the foundation for any information security process. PLA first evaluates your current policies and procedures. We next help you develop policies and procedures that meet both organizational objectives and regulatory requirements, and are supported by manageable enforcement processes.
PLA’s Information Security policy assessments also can be based on specialized products or other 3rd party guidelines.
We have assessed and developed policies that cross:
- Governance
- Data Security
- Change Management
- Network Management
- Software Security
- Software and Software Development
- Communications Security
- Administrative Security
- Personnel
- Physical Security
Areas for which PLA successfully has developed effective security procedures include:
- Governance
- Compliance and enforcement
- Change control
- Security monitoring
- Data handling, marking, and retention
- Backup and restore
- Data classification
- Remote access
- Risk analysis and assessment
- Patch management
- Systems hardening
- Personnel security
For more information regarding any of these services,
please contact Bruce Munies.