Solutionary > Security Consulting Services > Policy Review & Development

Services and Solutions

Managed & Monitored Security Services

Event Correlation & Information Management

Device Monitoring & Management

Internal & Perimeter Vulnerability Management

Intrusion Prevention Services

PCI DSS 1.1 Monitoring

Unified Threat Management

Security Platform Services

In-the-Cloud Security

Compliance & Risk Management

Risk Assessment & Compliance Measurement

ISO, PCI, SOX, CobiT, COSO, HIPAA Compliance Reporting

Security ROI Metrics

Benchmarking

Security Consulting Services

Application Security Assessment

Vulnerability Assessment

Certified PCI Audit Services

Policy Review & Development

Architecture Review & Development

External Penetration Assessments

Incident Response & Forensics

Policies define why information security is important to the organization and describe the organization's high-level information security philosophy. Policies should be brief technology and solution-independent documents that generally are expected to remain relevant and applicable for a substantial period of time.

Each policy should have several associated standards that define what the acceptable level of security is for a specific policy area. Standards may be technology or solution-specific, and provide more measurable criteria for satisfying the high-level objectives defined in the policies. Finally, procedures and guidelines describe how to implement the standard.

Service Description
Most organizations have some form of security policy. Whether documented and published or merely verbally implied and communicated, today's standard-driven world is forcing organizations to formally document and enforce security policies based on industry standards of good practice.

Solutionary can develop and customize a plan to help your organization reach its security goals. For example, if your organization has a documented security policy, which needs to include controls to meet a particular industry standard (e.g., CobiT, PCI, ISO,), you can utilize Solutionary's team of experts as your trusted advisors to provide the following:

Review existing policies
Compare existing policies with selected industry standards
Suggest changes to existing policies
Identify gaps in existing policies
Develop new controls for inclusion in existing policies

Solutionary can also provide similar assistance with your guidelines and/or standards development.

Solutionary Advantages
Solutionary's policy related services focus on developing or reviewing your security policies as they relate to your overall business requirements and objectives.

Our certified security professionals with extensive experience in policy review and development for organizations of all sizes and industries ensure your finished product meets your objectives.
Solutionary identifies key policies required to meet industry standards of best practices and due diligence requirements.
We develop the policies in collaboration with key members of your team, never in a vacuum.
Documentation is delivered in the format defined by your organization to facilitate implementation.
Solutionary can go beyond the review and development of your policies, to address your needs for a security awareness program and training.

Service Benefits
Concerns about security and compliance are encouraging information security managers to spend more time working on policy. Unfortunately, policy writing is a risk communications exercise that is frequently requested of people who do not have a strong background in that area. They know what they want to see happen, but they often lack the skills needed to create good security policy. Utilizing experienced security professionals from Solutionary for the planning and writing of policy can make a big difference in how effective it is in reducing risk.

Our experience with organizations in every industry, from SMB to global international Fortune 100s avails you of current knowledge and peer best practices.
We are intimately familiar with regulatory requirements and industry standards including ISO, CobiT, and NIST, to name a few.
Solutionary can dedicate resources for a seamless, fast, and cost-effective security policy initiative.

At Solutionary, we make security manageable.