Security is a process. VigiTrust is your guide.
PCI Standards Security Council

Polices & Procedures

Effective Polices & Procedures are crucial for successful security strategies

Policies & Procedures are crucial to implementing an effective data security strategy. They should be viewed as the glue that holds all aspects of data security together, without effective policies & procedures (P&Ps), each aspect of data security would be a collection of disparate parts. 

This is why VigiTrust believes it is imperative that organizations are provided with effective P&Ps which suit their business strategy as well as corporate security strategy. VigiTrust have developed over sixty classes of polices to address each aspect of data security. 

Areas addressed by VigiTrust's Policies & Procedures

 VigiTrust has developed the 5 pillars of security framework on which its' P&Ps are based. Each of the following areas are addressed: Physical Security, People Security, Data Security, IT Security and Disaster Recovery & Business Continuity. 

 5pillars_overview_colour_500pix

Customization of policies.

For policies to be effective, they must reflect the organizations' specific requirements.  VigiTrust pays special attention to tailoring its polices to match organizations' strategic requirements and ensures they comply with the relevant legal and industry frameworks that apply.

VigiTrust has developed a four step process for both selecting and tailoring the policies & procedures required each organization.

Step 1 Discovery - Through VigiTrust's consultative approach working with staff, a detailed map of an organizations’ structure and risks is created.
 
Step 2 Policy Selection & definition
Based on the map created in step 1, VigiTrust selects the policeis that will be required. These policies are then modified to reflect the organizations specific circumstances.

Step 3 Appraisal
The tailored policies are then reviewed in consultation with the customer, in order that all requirements are addressed effectively.

Step 4 Execution
Based on customer feedback, any final adjustments are created before the final  policies & procedures are deployed.

Tried & Tested polices & procedures

The Policies & Procedures employed by VigiTrust are based on data security best practice, taking in to account ISO27001 and PCI DSS. In addition they are based on VigiTrust's extensive experience in helping clients become compliant with one or more data security standards. VigiTrust has learned from working with auditors, which policies are not only effective but are also likely to be accepted by official auditors.

For more information on the importance of P&Ps and for some detail on the P&Ps provided by VigiTrust,  click on: 
Ensuring IT Policies&Procedures Comply with DSS

 

SAMS
Sample
Enabling control of compliance process.
Resource Center
Sample
The industry leader in security/PCI info.

VigiTrust

© 2008 VigiTrust Ltd.
PCI Standards Security Council