Best practice available off-the-shelf
There's no getting away from doing it. Doing information security is a documentation-heavy exercise. GDPR, UK DPA, PCI-DSS and ISO27001 all demand that you document every aspect of your security preparation; to get it right, you also have to follow in practice what you've written in theory. That means making sure your policies and procedures actually work and making sure you can communicate them effectively to all your stakeholders.
You pay for only the documents you need - there's no minimum number. A single annual payment lets you use the model document however you want inside your organisation.
We can also advise you on which ones you should license for your specific objective and help you customise them to suit your needs. We offer consultancy and training to support your implementation of the library and your certification or compliance process.
Policies, procedures and templates dealing with core compliance, classification and retention, DPIA and LIA, records of processing activity, privacy policies, data catalogues, crisis communications, DSARS and more.
Documents dealing with all aspects of cyber-security as required by regulation and certification. Covers physical as well as digital security, and includes operational procedures, configuration policies and staff training.
A framework to help you govern and manage information security risk at all levels from board to shopfloor. Includes the core information security policy, staff guidelines and controls, acceptable use and monitoring, audit, supplier selection and compliance.
Policy cross-references and implementation guides for GDPR/UKDPA/PECR; ISO27001:2013; PCI-DSS including service providers; and CyberEssentials as well as FCA Handbook and professional regulatory guidelines in law, accountancy and non-profit.
