by peter

Share

SPECIAL INTEREST GROUPS POLICY

This Special Interest Groups Policy outlines the relevant special interest groups that pertain to {{company_name}} and how they are monitored and kept up to date.

Special Interest Groups Policy Scope

This Policy covers all information assessments present at {{company_name}}.

AUDIENCE

The intended audience of this Special Interest Groups Policy is the internal Information Security team, the directorate of the business and any other key stakeholders with a specific interest in Information Security, Cyber Security and / or Data Protection.

Special Interest Groups Policy

The following (is an example) are the special interest groups with which regular contract is maintained:

  • TITAN
  • North West Regional Organised Crime Group
  • Derbyshire Policy HQ
  • Cyber Information Sharing Portal
  • National Cyber Security Centre
  • Government Communications Head Quarters
  • ISC2
  • ISSA
  • CIS
  • Cert.gov.uk
  • EU Certs
  • US Cert
  • British Computer Society
  • Cert.org
  • CREST
  • DatalossDB

Monitoring

Responsibility for monitoring changes and updates is that of the CEO. Updates are reviewed at the Board meetings as required. With each update an action is assigned by the relevant person to ensure the updates are reflected in Policy / Procedure and communicated as required.

COMPLIANCE

Compliance Measurement

The {{company_name}} Team will verify compliance to this policy through various methods, including but not limited to, business tool reports, internal and external audits, and feedback to the policy owner.

Exceptions

Any exceptions to the policy must be approved by the CEO in advance.

Non-Compliance

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

RELATED STANDARDS, POLICIES AND PROCESSES