Skip to main content


What to Include in Your Company’s ISP


February 16, 2022

Read Time

1 minute


All companies, regardless of size, should have an ISP, or Information Security Program. Because an ISP is designed to mitigate the risk of an information security breach and meet compliance with regulatory requirements, a company’s ISP should focus on creating policies and procedures relating to the following: (1) data governance and classification; (2) access controls; (3) capacity and performance planning; (4) systems and network security; (5) systems and network monitoring; (6) systems and application development; (7) physical security and environmental controls; (8) risk assessment; (9) incident response; and (10) personnel training.

Click here to read more of Lisa Vandesteeg’s article for BigTime Marketing, including a checklist designed to help you create an ISP that meets the needs of your business.

Filed under: Financial Services & Restructuring

January 24, 2024

Commercial Real Estate Disputes in Subchapter V Chapter 11 Cases: Landlord and Tenant Rights in Bankruptcy Proceedings

Read More

December 06, 2023

Privacy and Security Best Practices in M&A Transactions

Read More