Documents, Policies, Etc

Use these template policies, standards and procedures to document how Internal Controls should be designed, built and, most importantly, systematically operated. These documents link to Internal Controls and Compliance Requirements.

35

0%
Current Policies

0

0%
New Policies

0

0%
Updated Policies
| Title | Short Description | Version | Internal Controls |
| --- | --- | --- | --- |
| Security Governance Policy | This policy describes the base upon which GRC is designed, implemented and operated to ensure compliance and continuous improvement. | 1.4 | Security Awareness Trainings Key GRC Components Inventory Reviews GRC Team, Competences, Roles and Responsibilities Log Reviews |
| SIEM Standards | Describes the standards under which SIEM must operate | 1.1 | SIEM Review |
| Subject Data Request Processing Procedure | This process documents the steps required to deal with Data Subject requests | 1.1 | |
| System inventory | Inventory of all the systems in the scope of this program | 1.1 | Endpoint Hardware Inventory Standard Server Build - Windows Change Mgt Reviews Log Reviews Standard Server Build - Linux WPA2 Secured Wifi Networks End-Point Reviews Software Deployment Reviews CMDB Reviews Log Reviews Corporate Application Inventory |
| Technical Infrastructure CMDB Management Procedure | The process by which IT is able to keep an updated list of assets and owners | 1.1 | |
| Third Party Relationships Security Policy | Governs the required security and compliance diligence when the organisation initiates business relationships with third parties | 1.3 | Supplier Vendor Assessments |
| Vulnerability and Incident Management | This procedure describes the steps required to handle the identification and treatment of vulnerabilities and incidents across the organisation. | 1.1 | Regular Vulnerability Scanning System Patching Penetration Testing Incident Management Process Review |