- (585) 423-9810
Do you have published IT Security Policies and Procedures? If not, you need them!
All businesses should have written IT Policies and Procedures, and many are required by statute to maintain and report on them to governing organizations.
For example, in 2016 New York State enacted new Cybersecurity Regulations known as 23 NYCRR 500, which requires ANY organization that deals with Insurance, Banking, or Financial Services Laws, even peripherally, to do several things, and file compliance documents with the State.
Regulations aside, all businesses should have published, comprehensive policies and procedures for Information Technology.
According to NIST* a complete IT Policy and Procedures Document will contain the following topics: