Small to Medium business sometimes need to gain accreditations to work with larger companies due to complance and this usually means being audited by external organizations. For a business to pass these Audits or gain these accreditations you need to have a subject matter export in Information Systems via auditing, control and security

The biggest issue in developing policies and procedures is getting access to the custome’’s key people to extract the necessary information. That is always the challenge so need customer to organise access.

Another consideration is that in defining the information to be source differs between entities and industry so work needs to happen prior to the actual engagement to develop the content.

Usually they will need an initial 2 week period to prepare, investigate and workshop with the key stakeholders for the policies:

Rule of thumb is each policy will take 3 days to complete.

We then need to undertake a customer review, make changes and present these back to the customer