Obtaining an ISO Certification means companies need to have Polices written to and abided for in regards to Data Access and Prevention of Data Loss

Information Classification, Labelling and Handling

Development of a policy that defines the data companies own and use (both in motion and at rest) and guidelines on effective and secure handling and communication of said data.

Data Access Management

Development of a data access management policy to ensure that users only gain access to the data they need to perform their work function.

User additions, changes & removal

Policy & associated process to ensure starters and leavers are processed properly and all security considerations are taken care of.

Report to show access by user. Regular reviews of access and passwords.

Report to be delivered on a quarterly basis to Mark for review with the business.

Reponse IT work with business to make sure their technology stack can Audit and report on all of these as well as helping you write your internal IT Policy