Policy Gap Assessment

Information security policies form the cornerstone of an organization’s information security program. Without formal information security policies and standards, an organization cannot effectively secure its critical information assets. Symosis Security will audit your existing policy against security baseline requirements, then develop and update policy and procedure documentation to comply with PCI DSS, HIPAA, HITECH, and NIST recommendations, as well as the corporate security program.

Policy and procedure documentation reviewed and updated during this exercise includes, but is not limited to:

  • Network Security Policies & Plans
  • Security Governance Policies
  • Compliance & Risk Management Policies
  • Business Continuity Policies and Plans
  • Application Security Policies and guidelines
  • Audit Trails
  • Authorize Processing (C&A)
  • Contingency Planning
  • Data Integrity
  • Hardware and System Software Maintenance
  • Identification and Authentication
  • Incident Response Capability
  • Life Cycle
  • Logical Access Controls
  • Network Security
  • Personnel Security
  • Physical and Environment Protection
  • Policy and Procedures
  • Production, Input/Output Controls
  • Program Management
  • Review of Security Controls
  • Risk Management
  • Security Awareness, Training and Education
  • System Security Plan