Related Products |
| • Patch Management |
| • Security Information Management |
| • Vulnerability Management |
PricewaterhouseCoopers |
| •PWC reveals that in 52% of large businesses, the cause of the most severe security breaches has been people within the organisation |
Related Services |
| • Vulnerability Assessment |
| • Penetration Testing |
| • Awareness Training |
| • Managed Services |
|
Policies and procedures describe management's expectations with regard to business processes and information security. Due to technical jargon, lack of distribution, or lack of a security culture, leads to poor implementation. The organization's security suffers greatly. Statistics prove the insider threat poses the most significant risk. Security researchers continue to recommend strong policies and procedures as one of the keys to mitigating an organization's risk. ComSec develops clear, concise, and easily accessible policies.
|
Policy
Review |
 |
| Many organizations have existing policies and procedures which need adjustment in order to comply with the newer regulations. ComSec's Policy Review evaluates existing policies, procedures, and standards to clearly define what is currently in place, and recommended enhancements. A regulatory gap-analysis, and information security project charter are the deliverables. |
Policy
Development |
|
| ComSec can leverage your existing policies, or create a completely new set for you. Our Policy Development service engages staff to gain clear visibility into your business operations. With knowledge of the assets, relationships, and business units, ComSec devises a policy to allow your organization to quickly comply with regulations, and provides a framework for IT governance. |
Gartner's Perspective |
| "Gartner believes that a strong security program comes from defining policy, auditing the environment against that policy, and then enforcing policy against noncompliant devices.' |
