Development of organisational documents for information protection
The information security system of any company begins with local regulations governing activities and procedures of information security implementation. Moreover, the analysis of documents is the first step both during the inspection by state regulatory bodies and the external audit of the information security system.
Based on many years of experience on behalf of customers as well as acting as third-party consultants and analysts, Step Logic specialists have developed their own approach to creating a clear, flexible and convenient system for information protection documents.
Step Logic specialists prepare documents tailored for each customer based on his or her demands for complying with information security regulations and recommendations:
- Requirements for organisation of personal data processing
- Requirements for ensuring protection of personal data
- Information protection requirements in state information systems
- Information protection requirements in automated control systems
- Requirements for safe use of cryptographic tools
- Requirements of the Bank of Russia to information security for the national payment system
- Recommendations to information security management systems from standard ISO/IEC 27001 (GOST R ISO/IEC 27001)