NEWSLETTER

Addressing some fundamental challenges

Steve Macmillan

Policy Management as a Service (PMaaS) makes the development, delivery and ongoing maintenance of IT policies very easy and cost effective.

The policy challenges that organisations typically highlight to PPS are fundamental -

  • No one in the team has the writing skills to develop policies that are easy to read and understand.
  • Everyone is already too busy on business as usual activities to dedicate time to drafting, reviewing and completing policy content.
  • Cross referencing policies to standards and best practice guidance requires a level of knowledge and understanding we don’t have in-house.
  • We don’t have defined processes or procedures for managing our policies, so they are not reviewed on a periodic basis and as a result don’t reflect our current business requirements or support the technology we are using.
  • Users highlight issues with policies - the use of too much technical terminology means the content is not easy to follow. Statement wording is out of date and is therefore no longer relevant.
How does PMaaS address these challenges? 

Policy content is written in plain English, so it is easy to read and understand

All best practice statements are written in plain English, have a corresponding explanation, and can be customised to match our clients’ business requirements. Using 3 “personas” - user, management and technical staff - means that the policies have been written contextually for them. Links from within the policy content provide easy access to supporting information such as forms, guidelines, and regulatory information.

Our experts map policies to recognised standards and best practice

All policy statements are aligned with international and local standards/best practice such as ISO, PCI DSS, PSN, CE+ and Cyber Assessment Framework (CAF) for Local Government. A range of onscreen buttons provide mappings to the associated audit and compliance indexes to help you achieve compliance. A key element of the service sees all mapping and alignment details being kept up to date for customers.

Workflows help to drive user engagement with the content

When a policy is ready for review, users can be prompted into action by the review notification service. An onscreen Policy Acceptance function makes it very easy and efficient for a user to review and accept a policy. Users can track the status of the policies they have to review and accept from their own My Policies page. Visibility of policy acceptances is provided in a range of reports and an API can be used to make the policy acceptance data available for use in other applications e.g. HR or LMS.

Managing user engagement

A range of functions in the PMaaS software help to manage engagement with the content and service. Single sign-on makes user access easy. Contractors and prospective employees can be enrolled to the service to review and accept IT policies, in advance of being given access to organisational resources. Stakeholder mode if assigned to a user allows input and feedback on policy wording from selected individuals at policy review time.

Reporting options provide engagement data across the organisation, by user and content type plus also help to identify inactive or non-compliant users.

Managing content

The ongoing management of policies is made efficient as PMaaS tracks policy review dates and generates review reminders to policy owners. Policy visibility settings provide flexible policy presentation options for the content of the user, manager and technical menus. The Policy Acceptance function can be set up on a per policy level or on a more granular “per statement” level. If required, policies can be output in DOCx format.

Build Security Awareness

User comprehension of User policy statement content can be tested by setting up a quiz based on your bespoke Acceptable Use Policy. Eight security awareness videos are provided under the security awareness section of the service covering topics such as phishing, use of social media and AI, to name a few.

With an Advanced Search function and Topic Index users can quickly pinpoint content they wish to view and, if required, use the comprehensive Glossary of Terms to get clarity about any terminology that is being used.

Download a copy of the Infographic - Policy Management as a Service FAQs - Managing Content and Users

Contact us today to book a live demonstration of the Policy Management as a Service software. 

 

 

< CAF for Local Government - Help is at hand!

The People, Process, Technology Combination >

PROTOCOL POLICY SYSTEMS

Contact Us Today

Fill in the form or call us on (UK) +44 845 241 0099 or (NZ) +64 9 570 2233