Information Security and Policy Consulting
Company Information    ||    Clients    ||    White Papers    ||    Contact Us  
Polar Cove Strategic Consulting

Home

Strategic Consulting
Info Risk Management
Policy Consulting
Security Strategy

Professional Services
Vulnerability Assessment
Penetration Testing
Attack Simulation
Vulnerability Scanning
Application Security Testing

SOX and SAS-70s
Sarbanes-Oxley and IT Regulations
Sarbanes-Oxley Sec. 404 Roadmap
SAS-70 Overview and Planning
SAS-70 Frequently Asked Questions

Company Information
Clients
White Papers
News
Contact Us
Events
Security Policy Consulting

Security involves people as well as systems. Polar Cove works with each client to develop an effective, responsive security policy. The results: Management is ensured that employees pose fewer security risks. Infrastructure management improves. Risks to customer trust and loyalty are enhanced. Infrastructure operates more efficiently.

Polar Cove’s policy evaluates each client’s requirements for security policy. Some of these requirements are organization-specific. Others may involve compliance, whether legislative or contractual. Still others, such as virus prevention, reflect good business practices in an Internet environment.

Polar Cove consulting team with each client’s management and operational staff to develop plans that are based on “best practices” from industry standards for security in organization, personnel, physical controls, asset classification and control, network and computer management, application development, and compliance. At a minimum, the security policy that is developed includes:

  • Defining information security clearly and providing a statement of management’s security standards.


  • Describing specific security requirements, such as:
    • compliance with legislative and contractual requirements,
    • education, detection, and prevention,
    • standards for ensuring business continuity,
    • roles and responsibilities,
    • processes for reporting suspected security incidents, and
    • maintaining the security policy document itself.

Policy Consulting Includes:

  • Reviewing each client's business and the related security goals and requirements.


  • Assessing current IT strategy and security concerns, as well as new developing requirements for security management.


  • Comparing and contrasting existing security strategies to best practice standards and business expectations.


  • Providing clear security policies for management and for operational staff.

Polar Cove delivers security policy documents for management to use in meeting both industry-wide and client-specific security practices.

 

| Download the Policy Consulting Brochure [pdf 84k]

[ Back to Top ]

  
White Papers
›  IT Security Benchmarking – Compare yes, but insist on hard data too.
›  IT Security Awareness in Finance – “ People are the weak link
›  Understanding the Many Benefits of a SAS 70
›  SAS 70 Overview and Planning Guide
›  Polar Cove’s Experience in Sarbanes-Oxley Sec. 404 – A Roadmap

more »

You Should Know...
As a result of under-investment in IT security, there is a growing disconnect between the priority placed on IT security by the board of directors, and the actual security controls in place.

An example of this is the number of businesses with a security policy. While this has doubled since 2000, it is still only 27%. A security policy is the most basic discipline in information security. Yet, nearly three-quarters of busineses have still not set out their policies in respect of information security and communicated them across their organization.

Source: UK Department of Trade and Industry Information Security Breaches Survey

    more »


Contact us
For any questions you may have, contact us at
1-401-454-3939.
Our Polar Cove representative will answer and assist you with your specific needs.

 

   Privacy Statement    ||    Sitemap    ||    Careers
© 2005     Polar Cove