An information security policy document is a high level document that provides guidelines for developing security standards and procedures that are to be implemented across an organisation. These policies are the basis for a sound security implementation. The procedure for developing an organisation-wide information security policy aims at creating an organisation-specific security policy through the understanding of information security requirements and associated priorities.

This service will develop the security policy based on the strategic business intent of the management and the organisation's needs. The policy development methodology incorporates the best practices defined in ISO 17799.