Develop the “4PS”
The 4Ps are the blueprint by which we will work with your company to reduce your Information Security Risk Exposure. We will develop your:
Policies: The Policies are defined, written, and published for all to follow. Policies range from standards your IT personnel will follow to end-user usage policies. Many policies then get translated into technical controls applied to your Information Systems.
Plans: The Plan or set of plans can begin as high-level as an Enterprise Architecture or be as discrete as a Continuity of Operations Plan.
Procedures: Procedures are the documented standard processes your company will follow to protect itself from your internal and external risks.
Standards: Standards set everything from Password complexity to acceptable data loss levels for your organization.
Practices: Practices are where this becomes real. Practices are how well your organization is executing your Policies, Plans, Procedures, & Standards.
All of these and the results from the previous process step converge into our assessment report that your organization can use to guide remediation actions.