Cyber Security Policies and Procedures

Cyber security policies and procedures enhance your organisation’s protection against cyber attacks.

Policies and Procedures

Cyber security policies and procedures form an essential part of any Cyber Security Management System (CSMS). Whilst systems, software and tools protect the business during an attempted attack or when an attack occurs, policies and procedures are designed to minimise errors and reduce the business’s overall cyber risk.

The Jam Cyber Policies and Procedures also provide action and response plans in the event a cyber attack is successful. This includes ensuring companies communicate effectively with key stakeholder in the aftermath and, meet their legal obligations as set out in the Australian Government’s Notifiable Data Breach Scheme.

The Jam Cyber CSMS includes our range of cyber security policies and procedures. These are customised for each company to ensure they are relevant and meet your business needs. Find out more about our Cyber Security Policies and Procedures below, or contact us for more information.

hacker on handcuffs arrested cyber security policies threat

The Jam Cyber – Cyber Security Framework

The Jam Cyber – Cyber Security Framework underpins all aspects of the Cyber Security Management System. It is designed to maximise cyber security protection for small to medium Australian businesses. The framework is built on three principles:

People

cyber security policies people icon

Providing the workforce with appropriate training, tools, and resources to protect them, and the business, from cyber attacks.

Governance

cyber security policies governance icon

Ensuring the business’s cyber security strategy is upheld and the business is in the best position to manage any cyber security issues.

Technology

cyber security policies technology icon

Establishing the best possible systems and applications to maximise cyber security protection at all times.

jam-cyber-security-policies-framework

The Cyber Security Policies & Procedures form a vital part of the Jam Cyber – Cyber Security Framework.

Does my business need a cyber security framework?

CLICK HERE TO FIND OUT

Benefits of Cyber Security Policies and Procedures

Cyber security policies and procedures will heighten cyber protection for any business. Systems and applications are important but having clear guidelines to increase employee cyber safety will dramatically reduce the likelihood of an attack. Further, clear actions for rapid responses to breaches, will reduce the overall impact of any successful attack. Below are the core reasons businesses should establish cyber security policies and procedures.

Five reasons to implement Cyber Security Policies and Procedures

Maximise employee cyber safety

Providing your employees with cyber security policies and procedures gives clear guidance regarding appropriate and cyber safe use of networks and devices. This will increase the business’s overall cyber protection. Additionally, it will also ensure they maximise their personal cyber protection, reducing the chance of them becoming a victim to cyber crime.

Respond rapidly in the rare case of an attack

With a complete cyber security management system, a cyber attack is rare – but it can still happen. Having an incident response plan, with communication templates will enable the business to act rapidly in the event of a cyber attack and minimise any damage caused.

Meet legal obligations

Many businesses will have legal obligations to carry out if the business falls victim to a cyber attack. The Jam Cyber Policies and Procedures provide templates and cover required actions business owners must take to abide by the Australian Government’s Notifiable Data Breach Scheme.

Maintain client relationships

One of the most important reasons to maintain cyber security policies and procedures is to ensure client communication and engagement is undertaken as swiftly as possible in the event of an attack. This act will not only protect your client’s privacy and data, but also ensure they remain loyal in the aftermath.

Protect your reputation

No business wants to fall victim to a scam. But having policies and procedures in place and ensure the business handles it with dignity and acceptable transparency. This further will enable the business to get back on its quickly to resume business as usual.
maximize employee cyber security policies

Get custom Cyber Security Policies and Procedures for your business.

SHOW ME

Cyber Security Policies and Procedures Included

The Jam Cyber Policies and Procedures are part of our Cyber Security Management System offering. Whilst all documents are included, each is tailored to suit specific business needs including flexible working arrangements, social media allowances and existing policies.

The below documentation and files are included with every CSMS.

POLICIES

Employee Acceptable Cyber Use Policy

To provide guidelines for responsible, ethical, and legal use of the company assets, networks, and online tools by all employees.

Remote Working ICT Policy

A policy designed for employees to use when working remotely to ensure cyber safe practices.

Data Breach Policy & Response Plan

To determine what is an eligible data breach and ensure the company upholds it legal obligations and ethical responsibility.

Corporate Email Policy

To inform and guide employees regarding appropriate and respectful use of any corporate email address.

Disaster Recovery Policy

To inform and guide employees regarding appropriate and respectful use of any corporate email address.

Password Management Policy

To protect personal and company passwords from external and internal threats.

PROCEDURES

Incident Response Plan

To provide all employees, including the Management Team, with a clear action plan to address any cyber security incidents or data breaches.

Data Recovery Plan

To enable the rapid recovery of data in the event of a disaster caused by a cyber attack, malicious insider activity, natural disasters, technical errors, or accidental employee actions.

Stolen Password Procedure

To minimise the risk of a cyber attack due to a stolen or compromised password which is associated with a corporate email address.

Lost or Stolen Device Procedure

To ensure any lost or stolen company device does not further implicate the company in either a cyber attack, exploitation, or confidential data breach.

Notification of Data Breach Templates

To enable a rapid response in the event of a notifiable data breach as outlined in the company Data Breach Policy & Response Plan.

Internal Incident Report Form

To track cyber security incidents internally and understand how a data breach has occurred to determine any future actions that should occur to minimise further attacks.

Employee Onboarding and Change Procedure

A process to safely and swiftly onboard new employees.

Social Media Request Form

To record official requests for use of banned social media and to provide access to social media where required.

ASSET MANAGEMENT

Asset Management System Framework

To ensure all company owned or leased ICT assets are utilised effectively, efficiently, and safely.

Operational ICT Asset Management Commitment

The company’s commitment to upholding the highest standard of ICT asset management.

Employee ICT Asset Management Policy

To provide guidance for employees regarding managing company owned or leased ICT assets.

ICT Asset Inventory

To record and track all company owned or leased ICT assets.

ICT Asset Request Form

To manage short-term ICT asset use by employees.

ICT Asset Procurement Request Form

To streamline procurement of ICT Assets for employees