Establishing and implementing policies defined by external regulatory and internal requirements encapsulate the risk tolerance of a government agency and must be continuously monitored to ensure organizational compliance. An organization must not only have well-defined security policies supplemented by documented Standard Operating Procedures, but also the processes to monitor and report on their effectiveness to ensure compliance. KCG’s security professionals assist in defining required security policies and in developing and updating these policies based on federal and agency regulations, guidelines, and directives.

Our service offerings in industry standards and policies include:

• Organizational Gap Analysis of Existing Policies against Over-arching Industry Standards and Guidelines
• Information Security Policy Development
• Standard Operating Procedure Development to Enforce/Regulate Security Policies
• Metrics Definition and Collection to Report on Policy Coverage and Effectiveness