ISO 27001

Policy & Procedures

IS Awareness









Policy & Procedures

Many organisations spend time developing policy materials that often do not meet the demanding requirements of the PCI DSS/ISO 27001.

Our documentation experts can help improve existing IT documents or develop new documentation to meet your unique requirements. We can help build all types of comprehensive documentation including: IT standards, procedures, processes, forms and diagrams. If it's IT documentation you are looking for, we have the experience.

AAndersen follow a methodical approach to ensure an in depth examination of an organization's business and regulatory requirements.

Step 1: Requirements Gathering – Our consultants conduct a series of comprehensive interviews to understand a company's specific risks and business requirements.

Step 2: Creation of Policy Draft – Using the information obtained in Step 1, we create a comprehensive set of policies and procedures to address all areas of need identified.

Step 3: Review & Update – After the creation of a draft policy, we review the draft with relevant stakeholders to ensure that all security objectives are identified and addressed accordingly.

Step 4: Implementation – Once the policy is approved, AAndersen’s delivers a final draft for implementation.


Aandersen Ltd

Suite 12811

2nd Floor

145-157 St John Street