IT Policies & Procedures Development
Policies, standards, and procedures that define appropriate handling of information in the business environment and set the ground rules for security architecture and technology, are constantly changing. TGC can help to integrate existing IT policies and procedures with industry best practices, regulatory needs, and business functions. If no policies currently exist, TGC will assist in the development of appropriate documentation for new policies and procedures.
The first step is a Global Assessment (also referred to as the Holistic Assessment) evaluating an organization's documented policies and procedures. If an organization is regulated by a federal mandate (Sarbanes Oxley, HIPAA, Gramm-Leach Bliley Act, etc.), these policies and procedures are assessed with the specific regulatory requirements in mind. Members of the organization's staff are also interviewed to determine how (and if) the documentation is actually used.
Following the policy review, comes the technical review. This provides the "point in time" snapshot of the organization's current security posture. From start to finish, TGC consultants can manage this entire process.
Features and Benefits:
¨ Analysis of existing policies and procedures.
¨ Documentation of IT architecture.
¨ We recommend sample policies to assist an organization in creating a security policy plan.
Key Questions:
¨ Does your organization have documented policies and procedures?
¨ Do you think this documentation allows you to more effectively communicate and enforce your IT policies?
¨ What are the consequences/risks associated with not enforcing these policies?
¨ Would it be helpful for you to have clear documentation outlining IT policies and procedures?
Key Contact:
Regina Theresa Jordan
Business Development Manager
(347) 515-6586
Regina.Jordan@TGC-Global.com
