Documentation Audit and Authorship Service

Several current business drivers compel the need for up to date and enforceable policy:

• Increasing emphasis on corporate transparency.
• Demand for accuracy of financial reporting.
• Privacy and identity theft related liability.
• Executive accountability.
• Information security transitioning into governance.

ERE Documentation Model
ERE CISSP security consultants write security plans, policy, controls, and procedures, tailored to the exact needs of each individual client. ERE bases the documents on our standard template policy / procedures model. The key aspects of the ERE policy / procedures model are:

• Living documents, to be regularly kept updated by the owner.
• Each idea is written in point form, designed for ease of use in pressure situations.
• Dual purposed, both an information source and for note taking during incident response.
• Excel based for ease of note taking during incident response, and for ease of update by the owner.
• Modularly written, to facilitate ongoing development and correlation of new components of the documentation set.
• Practical as each document is tuned to each client's specific needs.
• Usable, as ERE includes on-site training with PowerPoint presentations.

    
Additional Resources
https://csrc.nist.gov/publications/CSD_DocsGuide.pdf