ENTERPRISE RISK MITIGATION POLICY REVIEW & DEVELOPMENT
The 2003 "State of Information Security" study published by CIO Magazine, reported that less than 1/3 of companies provide any guidelines or standards regarding compliance, enforcement, or incident response in their current information security policies. Most significant is that 10% of companies reported having no formal security policy at all!
Churchill & Harriman believes sound security policies and procedures are the foundation for protecting your organization's information assets. We build your foundation using industry best practices to evaluate existing security policies, analyze gaps and potential risks, and then execute a policy remediation plan to address your specific needs.
Our policy development, implementation, and compliance measurement solutions will establish a standard of security guideline and controls designed to reduce your current risks and lay the groundwork for meeting future security challenges.
SERVICES
Policy Development - A proper security policy foundation is established by first evaluating your existing policies, if applicable, and then develop new policies that meet your individual requirements. A focus on policy compliance with industry regulations and/or ISO27001 standards is incorporated.
Implementation & Training - Access to new policies and procedures, updates, and revisions is provided to users online via a simple to use web interface. Immediate and continuous access to this information will have a significant impact on user awareness and assimilation of your security policies, and their compliance to your security standards.
Policy Compliance Measurement - Our compliance measurement tools will help evaluate your organization's level of policy compliance and provide the metric data necessary to develop custom enforcement and training solutions.
For more information on Churchill & Harriman, please Click Here.
Engaging Your Vendors
Integrating the BITS Shared Assessments Program Elements
Into Your Vendor Management Program
