Policies and Procedures — Standards and Guidelines
It’s Critical: Stay Current On All Policies, Procedures, Standards and Guidelines
- When was the last time your IT policies were refreshed?
- What is your policy for mobile access, mobile application development, and mobile security?
- If you’re in a business covered under Sarbanes-Oxley, are you in compliance?
- ISO 17999 has changed to ISO 27001. Are your policies and procedures up-to-date with current existing industry norms?
Though IT policies are required for most organizations, they can create a hurdle when trying to create and adopt these standards. Often a list of do’s and don’ts was created in the past and is simply reused each succeeding year without modification. However, requirements, standards, and threats change rapidly. That is an area that warrants at least an annual review and update.
Besides the obvious rules, such as, “Don’t share passwords with others,” or “Admins may not read emails of others without specific direction and permission from upper management,” there are other, more involved issues to address.
Policies must keep in mind the organization. If it’s a small company, it may require only the basics so the exercise doesn’t overload the company and create a system that’s impossible to monitor and enforce. But if it’s a company that needs to follow ISO 27002 requirements, it needs a policy for each standard.
With many years of experience in multiple industries, the Enet 1 Group is extremely familiar with creating, revising, or refreshing policies to fit the organization. We are knowledgeable and current about all standards and guidelines, including Sarbanes-Oxley, ISO 27001 and ISO 27002. We will review your current policies and recommend any needed changes, including the addition or updating of mobile policies.
Since companies of all sizes struggle in this area, it’s helpful to utilize the services of an outside party to assess and recommend the possible changes needed specifically for your organization. We want to assist you on this complex compliance journey. Let’s discuss how we can work together to keep your company in compliance simply and effectively.
Give us a call or send us an email — we look forward to talking with you.