February 15, 2018
It’s now quicker, easier and more cost effective to address your IT Security Policy needs!
Protocol Policy Systems (PPS) and SOCTIM are pleased to announce the immediate availability of our new Policy Management as a Service offering to the UK Local Authority sector.
This cloud-based subscription service allows Local Authorities to deliver up to date IT Security Policies for all staff including technical and management roles, eliminating the overhead of creating, updating and maintaining those policies in-house.
All the hard work of gaining expert knowledge, developing and maintaining IT Security Policies to keep them current and mapped to standards such as ISO, PCI, PSN is taken care of by the PPS team on behalf of our Local Authority clients. We become you IT Security Policy partners.
As the service is provided on a fixed annual subscription basis you can predict the annual cost of ensuring this time consuming and laborious job is being taken care of by subject matter experts.
If you are facing any of the common challenges outlined below, then the PPS service offering can help you:-
Q. Do we have someone available with subject matter expertise to do this work?
A. Many organisations struggle to identify any staff member that chooses to do this work, or has the experience in writing good policy content that can then be mapped to international standards.
Our team of experts write IT security policies every day for customers, ensure that the wording is in easy to understand language and is cross referenced to standards within the Protocol Policy System.
Q. How long should it take to develop or update policies?
A. The allocation of time and budget each year to maintain policies is often overlooked. Commonly a set of policies are developed on a “big bang” basis every 5-8 years and the investment required to do this work is significant. Once done the policies are then typically left as is and rarely maintained or refreshed until the cycle repeats itself. It is estimated that it takes over 2 years to develop a comprehensive set of policies from scratch and work out how to map them to standards.
Protocol Policy Systems typically can deliver a comprehensive suite of IT Policies in under 8 weeks (elapsed timeframe). Our consultants run a workshop with key stakeholders on site as part of the delivery process. The final system we deliver will contain policies that are customised and branded to each organisations requirements and fully mapped to standards such as ISO27002, ISO22313, ISO27017, PCI3.x etc.
Q. How do I manage policies when standards, legislation and technologies never stand still?
A. PPS has a team of subject matter experts constantly reviewing standards and legislation in order to reflect necessary changes and updates within the IT security policies.
Q. We’ve got a set of policies for when we get audited. That should be sufficient, right?
A. IT policies, once completed, are very often filed away at HQ and rarely seen or used. No “visibility” results in no accountability and no adherence to your desired IT Highway Code of Conduct. This is further compounded if an organisation is geographically dispersed or de-centralised.
Providing access from each users desktop to an IT policy management software means you are on the path to developing greater security awareness and understanding with your management and staff. Also access to a range of forms, logs and guidelines such as an Incident Report Form, Request for Change Form, Staff Remote Access Form and more.
Partnering with a specialist organisation in Protocol Policy Systems for an annual fixed fee will reduce your investment in establishing and maintaining a suite of IT security policies in house, or using a contracted resource by as much as 70%.
If you would like to arrange a gap analysis on your existing policy suite or wish to assess the costs you incur establishing and updating your IT security policies against our comprehensive suite of customised IT Security Policies, then please contact us.