ESTec Security
Client Login
ESTec Security Search Sitemap Contact Us
About Us Products & Services Newsroom Education Careers
Quick Finder
Vulnerability Assessment
Incident Response
Intrusion/ Penetration Testing
ISO 27001 / ISO 17799 / BS 7799
Information Technology Risk Assessment
Security Policy Review and Formulation
Telecommunications Audit
Code Audit
Network Architecture Reviews
Firewall Rule Set Audit
Security Log Analysis
Expert Witness
Disaster Recovery Planning & Plan Reviews
Security Auditing
Security Awareness Programs
New Features




Security Policy Review & Formulation

The policies you use to protect your information assets depend on your security goals that must be up-to-date, meet all standards for your industry and commerce, and be concisely- transmitted to every manager, all end users, and the entire operations staff. A security policy must be carefully created. It is a documented and formal statement of the rules that regulate how your particular organization manages, protects, and uses information and information assets. The security policy will therefore be tailored to your business, its goals, setup, and controls, and the systems' distribution of user responsibilities.

Sample Case

Customer: Major American Power Generation Company
Services: Security Policy Review
Problem: Policies had been developed in the late 60's for securing information assets that existed within the mainframe computer environment. The current environment, however, had evolved into a modern distributed network environment, making the old policy difficulty to apply and sometimes impossible to administer. The policy had become irrelevant and was generally ignored.
Solution: ESTec consultants worked with the client to develop principles-based policies that met current systems and would be the basis for all computer evolutions within the foreseeable future. Management adopted the new policies. They implemented the security awareness training, which ESTec recommended to them, and changed at once to the new set of security management functions required by the new information security policies.
Results: With security policies that actually worked in the modern computing environment, it was once again possible to apply the policy. Security management became easier and the number of security breaches was greatly reduced.

For more information on our Security Policy Review and Formulation Procedures Click Here.

About Us | Products & Services | Newsroom | Education | Careers | Contact Us | Privacy Commitment | Terms of Use

©2002 ESTec Systems Corporation. All rights reserved.