Information Technology having pervaded every sphere of day to day business operations, the complexity, pervasiveness and the inherent virtual nature of technology based operations has brought along risks, threats, vulnerabilities hitherto unparalleled. The ever- increasing risks to information dependent businesses has transformed information security into more of a day to day business practice rather than mere products, services and technologies. This would necessitate that clearly defined Information Technology and Information Security policies, practices, processes and guidelines are put in place so as to serve as the guiding best practices towards ensuring a safe and secure technology-based computing environment.
Plaudit can assist organizations in evolving and implementing strong and adequate information technology and information security policies, processes and standards. It will be also ensured that appropriate procedures and guidelines are developed for successful implementation including the practice of these policies, processes and standards. The information security policies, processes and standards shall serve as a base document on best practices for the resource personnel, for ensuring that the technologies, infrastructure and related components based upon thereof, are rendered safe, sound and reliable to work with. The documents created would also be based on adhering to the various statutes applicable and the various international standards.
Some of the documents which Plaudit can deliver includes:
- Organisational Information security policies
- Operating system and application, database management policies
- Business continuity and Disaster recovery policies
- Firewall, Router, IDS/IPS, Anti-virus security policies
- System acquisition and development policies
- Compliance policies
- Information asset management policies
- Human resources security policies
- Physical and environmental security policies
- Asset management procedures
- Internal audit procedures
- Document and record control procedures
- Risk management procedures
- Corrective and preventive action procedures
- Physical and environmental security procedure
- Baseline Security Documents for OS/ Applications/ Devices etc.
These documents need to be periodically reviewed, updated and upgraded wherever necessary so that they remain current and apt in relation to the technological dynamicity, changes occurring.