Policy Development   


Policies are the blueprint for your information security activities. Effective policies must cover all relevant areas without limiting your business activities.

They must be carefully tailored to your environment and reinforce, rather than weaken, your corporate culture. They must provide for reasonable expected growth, as well as current concerns. These policies and procedures must be periodically reviewed and updated.

Lightwave has been providing policy development services for nearly 20 years and specializes in developing information security policies and practices to address the business requirements of diverse IT environments. We work with our clients’ internal management and staff to develop customized security policies that address prevailing risk to the enterprise while providing a platform to implement the latest security procedures for global organizations, their employees and business partners.

Our comprehensive methodology is designed to ensure a thorough examination of an organization's specific business and regulatory requirements. The assurance of regulatory compliance is accomplished via extensive audit methodologies. Our approach to accomplishing these objectives includes:

• Data Gathering: Our security consultants conduct a series of in-depth interviews to understand a company's specific risks and business requirements.
  
  
• Policy Draft: Using the information obtained in Step 1, we create a comprehensive set of policies and procedures to address any areas of need identified.
  
  
• Internal Review: Having created a draft policy, our professionals engage in reviews of the draft with the client to ensure that all security objectives are addressed by the policy.
  
  
• Implementation: Once the client approves the policy, we then deliversa final draft for implementation.
  

Disaster Recovery Planning

Sixty percent (60%) of those organizations who suffer from natural or man-made disasters do not survive. Disaster Recovery Planning, a business process providing for the timely restoration of vital business functions, must be an integral part of your security program. These plans can take many forms and can be quite simple or very elaborate. We will work with you to design, implement and test plans to meet your business requirements.


 Assessment Services  

• Global IT Security Assessments
• Enterprise IT Risk Assessments
• Application Risk Assessments
• Policy Development