Security policy is the first but often neglected phase of IT security implementation. Without a security policy defining rules and procedures, the best of technical solutions may fail to provide comprehensive security cover for the information assets.

Darts customizes the more elaborate international standards like BS7799 to develop a tailor-made security policy to meet specific business requirements of the organization. The policy includes the rules and procedures for physical, administrative and technical security of information assets, including password policy, access controls, security incident response procedures etc. the policy also lays down individual responsibilities for the various defined roles. The role definition smoothens and expedites the response mechanism when a security incident actually takes place.

Darts’ Security policy formulation service involves top management in addition to IT administrators, as the top only can appreciate and define the value of various information assets and the impact of damage.