Follow Us:

Governance

Governance

Information Security Policy Program

Our Information Security Policy Program is offered in three tiers. First, our security analysts will provide a comprehensive review of your current Information Security Policy, Procedures, and Employee Use Guidelines against regulatory requirements, industry standards, and SCA best practices. This review will serve as the foundation for the creation and/or revision of your Information Security Policy, Procedures, and Employee Use Guidelines.

 

The second tier is information security Policy and Procedure Development. Using the analysis from the policy and procedures review, along with additional data collected to capture practices that may not be documented, we craft Information Security Policy, Procedures and Employee Use Guidelines that meet regulatory requirements, industry standards, SCA best practices and are specific to your organization. Our process and resulting deliverables are more than a simple template exercise.

 

The third tier is Information Security Policy and Procedures Maintenance. SCA continuously monitors legislation and regulatory agencies for new laws and regulations affecting data privacy and security. Our analysts will update your Information Security Policy, Procedures and Employee Use Guidelines to keep pace with legal and regulatory changes as well as changes to your systems, environment, and staff.

 

Incident Response Program

Our Incident Response Program is offered in three tiers. First, our security analysts will provide a comprehensive review of your current incident response plan and procedures against regulatory requirements, industry standards, and SCA best practices. This review will serve as the foundation for the creation and/or revision of your incident response plan and procedures.

 

The second tier is Incident Response Plan and Procedures Development. Using the analysis from the Incident Response Plan and Procedures Review, along with additional data collected to capture practices that may not be documented, we craft an Incident Response Plan and Tactical Procedures that meet regulatory requirements, industry standards, SCA best practices and are specific to your organization. The resulting deliverables provide a cohesive process for your organization to respond to cybersecurity incidents, safeguard your data and systems and perform the required notification.

 

The third tier is Incident Response Plan and Procedures Maintenance and Testing. SCA continuously monitors legislation and regulatory agencies for new laws and regulations affecting data privacy and security, in addition to changes in the cybersecurity threat landscape. Our analysts will update your Incident Response Policy and Tactical Procedures to keep pace with these changes. On a frequency determined by you, we will also lead your incident response team through tabletop exercises so that all team members are familiar with their roles and responsibilities while responding to an incident.

 

Disaster Recovery and Business Continuity Program

Our Disaster Recovery and Business Continuity Program is offered in three tiers. First, our security analysts will provide a comprehensive review of your current disaster recovery and business continuity plan against regulatory requirements, industry standards, and SCA best practices. Our process is unique because we include interviews and input from business unit managers to gather important information while creating understanding and ownership of the plan. This review, along with the completion of a Business Impact Analysis, will serve as the foundation for the creation and/or revision of your disaster recovery and business continuity plan and procedures.

 

The second tier is Disaster Recovery and Business Continuity Plan Development. Using the analysis from the Disaster Recovery and Business Continuity Plan Review, along with additional data collected during the Business Impact Analysis, we craft a Disaster Recovery and Business Continuity Plan that meets regulatory requirements, industry standards, SCA best practices and are specific to your organization. The resulting deliverables provide a cohesive process for your organization to follow in the event of a natural or man-made disaster and considers which business units, operations, and processes are essential for organizational survival.

 

The third tier is Disaster Recovery and Business Continuity Plan Maintenance and Testing. SCA continuously monitors legislation and regulatory agencies for new laws and regulations affecting data privacy and security, in addition to changes in the cybersecurity threat landscape. Our analysts will update your Disaster Recovery and Business Continuity Plan to keep pace with these changes as well as changes to your systems, environment, and staff. On a frequency determined by you, we will also lead your disaster recovery and business continuity team through tabletop exercises so that all team members are familiar with their roles and responsibilities after a natural or man-made disaster.