Information Security Policy
Information is an essential business asset that needs to be suitably protected. In the ever-increasing interconnectivity between business environments, protection of information assets is ever more important. Interconnectivity also results in the exposure of information to a growing number and a wider variety of threats and vulnerabilities.
Information Security Policy is the result of development of an appropriate control set, in the form of policy, practices, prosedures, organization structure and some functions in software, hardware and all information technology infrastructure to ensure the entire information security.
Our Services
The scope of Plasmedia's services covers:
- Establishing Information Security Organization
Arranging organization design, management and fundamental policies of information security organization establishment that will cover these following matters:- Organization form and structure;
- Elements that will be involved in organization;
- Authority, tasks, and responsibilty for every elements in the organization.
- Information Asset Classification
Arranging information asset classification belonging to the organization for the purpose of information security. - Composing the Information Security Manual
Identifying and preparing the manual that consists of policy, standards, procedures and guidance that will be used by the management and employees in connection with the information security system. Information Security Manual is based on ISO 17799/BS 7799 and includes:- Security Policy;
- Organizational Security;
- Asset Classification and Control;
- Personnel Security;
- Physical and Environmental Security;
- Communications and Operations Management;
- Access Control;
- Systems Development and Maintenace;
- Business Continuity Management;
- Compliance.