This service will take an involved look at existing documents and policy mandates that the client company has in place, and bring them up to date so that they are effective and provide the protection and assistance they are designed to provide. Depending on the various government and legal regulations, many companies must adhere to certain rules which are reflected in policy.

Regulatory non-compliance, by failing to apply the mandated security measures, may cause corporate loss of contract status, invoke liabilities in a court of law and result in negative financial impact.

While policy work is generally looked upon as a tedious and seldom useful investment, companies attempting to operate in the complicated, fast paced, and high-tech business environment of today are rapidly discovering that proper policy creation, implementation, and updating is vital. For example, simple matters such as network monitoring and sniffer deployment for network troubleshooting can become a legal catastrophe if policy does not specify that such tools are in place and will be utilized.

The Policy Security Assessment service can address issues in several pre-existing environments:

• Policy creation where the client lacks policy: Best practice rule-sets are employed and then specific measures added to customize the policy to the client's needs.
• Existing policy review and comparison with best practice rule-sets.
• Policy update and training for outdated policy use within a company.
• Verification that policy is not only current and appropriate but the policy has been distributed to all employees and is available for review at all times to, ensure that the client is covered in case of possible legal question on policy implementation and usage.

All Policy Security Assessments need to be analyzed prior to the generation of a cost estimate. The costs vary widely due to the diversity of client policy disposition, the sensitivity of the harbored data, geographic distribution of client offices and potential T&E costs.