A good security policy framework should form the cornerstone of any effective security program, and is arguably more important than any technological aspect in terms of absolute contribution. Despite this, many organizations either have no defined security policy or have a two page Internet boilerplate with the organization’s name pasted in. In today’s climate of increasing industry and government regulation this can place many organizations in a position of non compliance. Add to this the well known insider threat, much of which is not malicious but rather well intentioned employees without the proper guidance, and the importance of a strong security policy framework becomes even more evident.
At IDMA3 we have helped organizations large and small craft security policy frameworks which truly fit their needs. With projects in the United States, the European Union, Australia, and Asia, and across industries such as finance, healthcare, education, software, and government, IDMA3 has the policy expertise you need.