Product Offerings

Performance Resources has a comprehensive policy/standard framework available for licensing. Minimal customisation is required to adjust these documents to the needs of any organisation. More comprehensive customisation is also available as part of our consultancy offerings. The table below lists the documents that are immediately available.

We cover seven (7) domains of the ISO/IEC 17799:2005 standard in separate documents at standard level. We have found these to be the most frequently required. The remaining four domain standards can be developed upon request. Development time is usually a few days.

| Product Name | Category | Description |
|---|---|---|
| Governing Documents | Governing Documents | A concise document detailing laws, legislations, regulations, international standards and best practice documents. |
| Information Security Principles | Governing Documents | Establishes the core direction the organisation should follow to have a strong information security posture. |
| Risk Control Statements | Governing Documents | Describes the core risk control principles and establishes the risk appetite and risk tolerance of the organisation. |
| Policy Statements | Statement of Intent | Specifies the areas of information security. ISO/IEC 17799:2005 compliant document, containing 11 domains. |
| D03 - Information Asset Management; D06 - Communications And Operations Management; D07 - Access Control; D08 - Systems Acquisition Development and Maintenance; D09 - Incident Management; D10 - Business Continuity and Disaster Recovery; D11 - Compliance | Domain Standards | These standards describe the information security controls required in the subject area. Each domain standard contains approximately 20 control statements. The D11 - Compliance Standard reflects Australian requirements. |
| Antivirus Management; Information Asset Naming; Password Management; Patch Management; Third Party Access; User Account Management | Specific Purpose Standards | These standards serve specific purposes, as the names indicate. Each standard statement is followed by a brief justification of why the control is required. Key Performance Indicators, Tips and Warnings and "How To" suggestions are also provided. |
| Personal Electronic Device (PED) Management; Personal Firewall; Remote Access; Teleworking; Wireless | Under Development | |
