Introduction to Procedures

A procedure documents, in operational detail, how to perform specific tasks to ensure adherence to and compliance with a cybersecurity policy. Some procedures may be explicitly related to security, such as how to reset a password.  Others may be more general, such as requiring background checks during the hiring process. That is one reason these may more generally be referred to as Procedures rather than Security Procedures.  In most organizations, Procedures get integrated into other handbook like information that employees use to know how to do their job.

securityprogram.io (SPIO) provides a set of tasks related to procedures and templates of easily editable procedures that can be adopted and used by your organization. By adopting SPIO’s procedures, and adapting them to your organization’s specific needs, your IT staff will be able to ensure that your organization complies with your adopted all relevant security policies and controls.

SPIO standard procedures include tasks for relevant stakeholders who have access to your systems, networks, and data to ensure protection:

• IT Staff: procedures cover areas such as
  • security audits,
  • account provisioning and deprovisioning,
  • risk management, and
  • incident response
• Users: procedures cover areas such as
  • password management,
  • securing mobile devices when traveling, and
  • proper use of technology and systems while working remotely
• Vendors: procedures cover areas such as
  • vendor security assessments,
  • proper boundary and endpoint protections, and
  • physical security requirements for cloud hosting servers

With SPIO, your security posture will be strengthened by our simple-to-deploy policies, procedures, and training.