Documentation has to do with all the necessary paperwork (both physical and electronic) that a company requires showing compliance and operational efficiency. IT Matrix is able to identify the business requirements and to measure compliance to policies based on international standards and auditing practices.
Policy Creation & Implementation
A policy is a statement of management's intent to ensure that certain tasks are performed and must be adhered to by all personnel and systems having access to the organizations information systems and buildings. As such it is a legal document that must be followed is all aspects. It is a statement on how the company will adhere to applicable local and international laws and regulations. IT Matrix consultants can assist your organization in drafting this policy, acquiring approvals from necessary parties, and implementing it across all applicable domains.
Process Creation & Implementation
Our experts can assist you to create and implement processes at all levels to ensure compliance to information security management systems requirements.
Procedure Creation & Implementation
A procedure is an outlines on how to perform a process for example User Management. Our experts can assist you to create and implement procedures at the lowest levels to support subsequent process. .
Work Instructions Creation & Implementation
Describes how to perform a task, which is a more detailed portion of the procedure such as Adding a User account to the Domain or Deleting user access to system X. Many businesses include work instructions to aid in training, to reduce mistakes, a point of reference for jobs... etc.
Baseline Security Standards Creation & Implementation
Baseline Security Standard (BSS) mandates certain minimum requirements that people, processes and systems will comply with before being given access to the organizations information. The BSS is usually identified as a technical document due to its reliance on technical controls to ensure compliance. An efficient and effective BSS should take into consideration international standards and best practices as well as the operational efficiency of the organization. While the BSS is not a policy per se, it should be mandated by the Information Security policy and is used to test compliance against the policy itself. IT Matrix draws its knowledge of setting BSS from experience and using international standards such as NIST and SANS. Additionally, we are able to allocate subject matter experts to assist with the adoption and implementation of the standards across the organization and within IT.