Information Security Policies and Procedures (ISPP) communicate management intent on information security requirements and provide consistent guidance to your IT team and users. It demonstrates your commitment to information security and also provides assurance to your auditors.
Turnkey provides assistance in developing and documenting ISPP. Apart from ISPP, we also assist you in documenting information security guidelines/ baselines/ standards for various technology components such as operating systems, database, routers, firewalls, network, etc.
Turnkey assists you in developing an ISPP, which is technology independent, practical and implementable, flexible to accommodate changes in business requirements and growth and enforceable at all levels of your organization. The ISPP will address your management’s intent, security objectives and map these to overall business objectives.
Turnkey offers an ISPP, which aims to achieve a balance between business risks and benefits through a structured framework incorporating People, Process and Technology.
Our ISPP is also aligned to industry standards such as ISO27001.
Turnkey follows a structured phase-wise approach, which consists of three phases:
We also assist you in running and managing information security awareness programs. This includes development of awareness materials such as training slides, posters, email communications, competitions, CBT, quiz, interactive programs, etc.