Product Offerings

Performance Resources has a comprehensive policy/standard framework available for licensing. Minimal customisation is required to adjust these documents to the needs of any organisation. More comprehensive customisation is also available as part of our consultancy offerings. The table below lists the documents that are immediately available.

We cover seven (7) domains of the ISO/IEC 17799:2005 standard in separate documents at standard level. We found that they are the most often required ones. The remaining for domain standards can be developed upon request. Development time is usually a few days.

Product Name Category Description



Governing Documents


Information Security Principles


Risk Control Statements

Governing Documents



A concise document detailing laws, legislations, regulations, international standards and best practice documents.

Establishes the core direction the organisation should follow to have a strong information security posture.

Describes the core risk control principles and establishes the risk appetite and risk tolerance of the organisation.



Policy Statements

Statement of Intent



Specifies the areas of information security.
ISO/IEC 17799:2005 compliant document, containing 11 domains.



D03 - Information Asset Management

D06 - Communications And Operations Management

D07 - Access Control

D08 - Systems Acquisition Development and Maintenance

D09 - Incident Management

D10 - Business Continuity and Disaster Recovery

D11 - Compliance

Domain Standards



These standards describe the information security controls required in the subject area.>

Each domain standard contains approximately 20 control statements.

The D11 - Compliance Standard reflects Australian requirements.




Antivirus Management

Information Asset Naming

Password Management

Patch Management

Third party Access

user Account Management

Specific Purpose Standards




These standards serve specific purposes, as the names indicate.

Each standard statement is followed by a brief justification of why the control is required.

Key Performance Indicators, Tips and Warnings and "How To" suggestions are also provided.



Personal Electronic Device (PED) Management

Personal Firewall

Remote Access



Under Development


<back to top>