
Software for Policy Management and Compliance

Information sheet - Why PolicyMatter is an integral part of a BS7799 information security strategy

At a general level

BS7799 is a standard setting out the requirements for an Information Security Management System. It helps identify, manage and minimize the range of threats to which information is regularly subjected.

BS7799 sets out how organisations need to constantly protect their information from threats arising from many sources - internal, external, accidental, or malicious.

  • PolicyMatter ensures that internal staff are made fully aware of how they should treat the organization's information, enforcing receipt and reading of policies, testing understanding and
  • PolicyMatter addresses information security threats from staff behaviour - both accidental misuse and malicious abuse.

On BS7799's specific controls

PolicyMatter supports all of the 10 controls identified in Annex A of BS7799. It addresses 4 of them specifically:

  • Security policy - providing management direction and support for information security

    PolicyMatter allows management to show rigorous application of BS7799 by making policy communication compelling and unavoidable.

    PolicyMatter gives management immediate visibility of policy acceptance in a way simply not possible with conventional approaches.

  • Personnel security - reducing the risks of human error, theft, fraud or misuse of facilities

    PolicyMatter reduces the risk of unintentional error by ensuring staff receive policy, by testing user understanding and communicating the results.

    PolicyMatter reduces the risk of malicious misuse by ensuring staff understand the consequences of misuse and what security filters and monitoring are used, by obtaining agreement to abide by policy, and (in the event of disciplinary actions) by keeping an audit trail of all transactions.

  • Compliance - avoiding breaches of any criminal and civil law, statutory, regulatory or contractual obligations, and any security requirement

    PolicyMatter encodes laws, codes of practice and regulations to ensure they can be presented to staff in a compelling manner.

  • Business continuity management - counteracting interruptions to business activities and protecting critical business processes from the effects of major failures or disasters

    PolicyMatter reduces the risk of interruptions to business by ensuring all staff understand and agree to adhere to key procedures.
