Policy & Procedures - Development, Audit, Maintenance

Development, maintenance, communication and operation of effective, relevant, concise and clear policies and procedures are critical to the establishment, operation and compliance of any Information Security Management System.



A security policy establishes who is authorised to access different types of information, and points to standards and guidelines regarding how much and what kinds of security measures are necessary for your particular organisation. Procedures provide the method for implementing standards and guidelines in order to carry out the established policy.

Ward Solutions develops polices and procedures, based on best practices and real world experience in line with ISO 27001. In addition to the development of new polices and procedures we also perform gap analysis and update services on existing.

Finally we can you to effectively communicate and educate your staff on your policies and procedures efficiently cost effectively whilst tracking this communication and your users comprehension of these libraries.

Use Ward Solutions policy services to:

  • Audit and review your existing policy libraries against best practices, legal, regulatory and other relevant compliance frameworks such as PCI DSS, Data Protection, ISO etc.
  • Develop new or revised policies as appropriate.
  • Deploy policies into your organisation using training, policy communication frameworks and tools, specification, implementation and operation of information security policies.
  • Tracking communication to users and comprehension by users of your policies and procedures
  • Ongoing policy relevance, completeness and effectiveness review.
  • Ongoing policy update and maintenance services.






Case Studies