Cyber Security and Privacy Policy Architecture

CipherTechs’ Policy Services performs policy review, update, or creation to assist organizations in either developing, updating, or revising cyber security, IT Audit, or privacy policy architecture from scratch or reviewing existing programs against industry standards, such as ISO 27000, NIST, or other industry best practices and regulations to include policies, standards, and guidelines.

This service implies more than simply applying a generic security policy template to the specifics of the organization. The key focus is based on the organization’s culture and individual needs in understanding what information the organization needs to protect, assessing its value in relation to the organization’s overall business, and defining an overall vision to integrate security and privacy into all levels of company operations. CipherTechs’ Policy Service can also prepare or update existing operational policies, procedures and diagrams.

Prior to initiating the review and development of company-wide security policies, CipherTechs’ Security Analysts typically undertake asking a series of questions to establish an organizational security baseline to include:

  • Information and assets value review
  • Data Governance review
  • Cyber Security and Privacy review
  • Contractual requirements review

Who is it for

Any organization that runs a lean support team or does not know where to start or update their current policy architecture to meet the current organizational cyber security, audit, and privacy needs.

How is it performed

CipherTechs’ compliance and audit services help organizations to first assess their requirements to limit the amount of documentation to meet organizational needs, then using existing organization templates, guide organizations through policy architecture to meet needs. After a review and requested updates are performed, deliverables are in Word format to allow the organization to make future updates to be published on their internal Intranet.