paint texture

Information Security Policies

Provide a comprehensive baseline for identifying what must be done in your organisation to protect your business information assets.
paint texture
Risk Factory Guarantee Badge

The Risk Factory Guarantee

No questions asked, full refund if you are not 100% happy.
Find Out More
Megaphone paint texture

Factory Fact

The average cost of a security breach for a small company is £115k.
View our resources
Ringing Phone Icon paint texture

Need some help?

Speak to an expert. Contact our “Factory Foreman” and he can answer any questions you may have.

Call us on:
0800 978 8139
Contact Us

get an instant quote

Number of Services

Price: £0.00
Added

What are they?

Information Security Policies provide a comprehensive baseline for identifying what must be done in your organisation to protect your business information assets. Good policies are simple, pragmatic, and should be clearly communicated to your employees from the top down. They can proactively define and promote a culture of awareness, action, and responsibility.

As a set of requirements, they can also be used to generate an audit plan or checklist to ensure compliance. Done properly, no other mechanism has the power to ensure that all employees are working towards the established business goals as a good set of policies and procedures. Comprehensive and detailed policies set the foundation for your information risk management program as they are required to meet virtually all applicable legislation and regulations.

Why should I do it?

How could you not? Baseline policies enable your management, staff and 3rd party suppliers to understand the minimum they must (and must not) do to ensure that your sensitive business information is protected.

Establishing Information Security Policies is also internationally recognised best practice and required for compliance to virtually all governance risk and compliance frameworks.

How often should I do this?

Once established, your policies should be re-evaluated after any major change to your systems. At a minimum, they should be reconfirmed and updated annually to keep them current with your business security objectives.

What will Risk Factory do?

  • Provide template best practice Information Security Policies for your branding and implementation.
  • Deliver an additional template of recommended “control-level” procedures required for actually implementing the policies.
  • Conduct a workshop for management and key business stakeholders to ensure their understanding and finalisation of the policies for implementation.

Provide one year of telephone support from an information security policy specialist to answer any questions or issues you may have regarding the implementation of the policies.

What will I receive?

Is there anything I need to do in advance?

You’ll need to speak with our policy specialist so we can understand your current policy goals and objectives and schedule a workshop and then ensure that the appropriate business stakeholders are available to attend the workshop. If you have any questions, don’t hesitate to contact the Factory Foreman.

Please consider updating your browser

This website has been designed using modern web technologies which unfortunately, are not supported by your browser. This means that many parts of the site will not function as intended.