Security policy components have a specific relationship. The top level are policies. They are supported by standards or baselines, which in turn are supported by guidelines. The base level are procedures.

​

Process management is an umbrella term often used. In a process, input turns into tasks, using methods and tasks. A procedure is a nuclear component of that. Often people think about procedures when they talk about process management.

​

A successful cyber security concept must have a concerted system of policies, standards/baselines, guidelines and procedures. And it has to happen in that order. 

​

We often find that one ore more components mentioned above are already in place in a company. Our analysis will help reveal missing parts, or parts that might need to be reviewed, and help you to close existing gaps.