Skip to main content

Articles

What to Include in Your Company’s ISP

Date

February 16, 2022

Read Time

1 minute

Share


All companies, regardless of size, should have an ISP, or Information Security Program. Because an ISP is designed to mitigate the risk of an information security breach and meet compliance with regulatory requirements, a company’s ISP should focus on creating policies and procedures relating to the following: (1) data governance and classification; (2) access controls; (3) capacity and performance planning; (4) systems and network security; (5) systems and network monitoring; (6) systems and application development; (7) physical security and environmental controls; (8) risk assessment; (9) incident response; and (10) personnel training.

Click here to read more of Lisa Vandesteeg’s article for BigTime Marketing, including a checklist designed to help you create an ISP that meets the needs of your business.


Filed under: Financial Services & Restructuring

March 22, 2023

Silicon Valley Bank’s Parent Company Declares Bankruptcy

Read More

June 22, 2022

Increase in Subchapter V Debt Limit Extended for Two Years 

Read More