News
- No news items currently available.
VT on Twitter
- RT @JeremyKingPCI: Looking forward to catching up with everyone tomorrow at the Vigitrust London event. Great line up of speakers, and m ...
- Mon Jan 30 12:09:07 CST
- We are looking forward to the PCI DSS European Road Show, and hope to see you there. More info @ Read more. #merchant
- Fri Jan 27 10:46:03 CST
- @jameslyne Are you attending the PCI DSS Road Show next week in the London Transport Museum? For more info, visit Read more. #PCI
- Wed Jan 25 15:33:39 CST
Policies & Procedures
Effective Polices & Procedures are crucial for successful security strategies.
Policies & Procedures are crucial to implementing an effective data security strategy. They should be viewed as the glue that holds all aspects of data security together, without effective policies & procedures (P&Ps), each aspect of data security would be a collection of disparate parts.
This is why VigiTrust believes it is imperative that organizations are provided with effective P&Ps which suit their business strategy as well as corporate security strategy. VigiTrust have developed over sixty classes of polices to address each aspect of data security.
Areas Addressed by VigiTrust's Policies & Procedures
VigiTrust has developed the 5 pillars of security framework on which its P&Ps are based. Each of the following areas are addressed: Physical Security, People Security, Data Security, IT Security and Disaster Recovery & Business Continuity.
Customization of Policies
For policies to be effective, they must reflect the organizations' specific requirements. VigiTrust pays special attention to tailoring its polices to match organizations' strategic requirements and ensures they comply with the relevant legal and industry frameworks that apply.
VigiTrust has developed a four step process for both selecting and tailoring the policies & procedures required each organization.
- Step 1 - Discovery: Through VigiTrust's consultative approach working with staff, a detailed map of an organizations’ structure and risks is created.
- Step 2 - Policy Selection & Definition: Based on the map created in step 1, VigiTrust selects the policeis that will be required. These policies are then modified to reflect the organizations specific circumstances.
- Step 3 - Appraisal: The tailored policies are then reviewed in consultation with the customer, in order that all requirements are addressed effectively.
- Step 4 - Execution: Based on customer feedback, any final adjustments are created before the final policies & procedures are deployed.
Tried & Tested Policies & Procedures
The Policies & Procedures employed by VigiTrust are based on data security best practice, taking in to account ISO27001 and PCI DSS. In addition they are based on VigiTrust's extensive experience in helping clients become compliant with one or more data security standards. VigiTrust has learned from working with auditors, which policies are not only effective but are also likely to be accepted by official auditors.
For more information on the importance of P&Ps and for some detail on the P&Ps provided by VigiTrust, read Ensuring IT Policies&Procedures Comply with DSS.
