Security Governance Framework Development

We can work with you to develop and implement a security governance framework tailored to your organisation, taking in to account the nature and structure of your business, your information assets and your approach to information risk. This can include carrying out high level risk assessments, identifying critical security controls not implemented, drafting and implementing core policies and procedures, creating a suitable incident response plan and applying suitable security governance measures.

We’ll work collaboratively with your team to develop the management framework to ensure it suits your culture and business objectives. Although not an ISO 27001 standard Information Security Management System (ISMS), our approach will start the process of implementing foundational ISMS concepts and requirements. This will enable you to develop the governance framework in to a formal ISMS later, if desirable.

Policy & Security Documentation

We can develop a comprehensive suite of policies and associated security documentation for you as part of a security governance framework, or as a stand alone policy engagement. All policies, procedures, standards, guidelines and record templates we create will be tailored to your organisation using information we gather from your stakeholders during our engagement.

Common policies and documents we create for clients include:

Information Security Policy
Acceptable Use Policy
Access Control Policy
Information Classification Policy
Mobile Device Policy
Mobile & Remote Working Policy
Removable Media Policy
Clear Desk & Screen Policy
Information Transfer Policy
Encryption Policy
Secure Development Policy
Change Management Policy
Asset Management Policy
Supplier Security Policy
Business Continuity Policy
Identity & Authentication Standard
Secure Configuration Standard
Network Security Standard
Patching Standard
Protective Monitoring Standard
& More
icon

Need help with a Security Governance?

Please get in touch. You can call us or request a call back using our contact form. We’d love to talk with you and promise no hard sell.

Get In Touch

Our other Information & Cyber Security Services