Security Policy and Program Services - Compliance from VeriSign, Inc.

You Are Here: US Home > Global Consulting Services > Global Security Consulting > Global Security Consulting Services Overview > Security Policy and Program Services

Security Policy and Program Services

Most security problems aren’t just technical, they’re organizational. Good policies and practices aligned to corporate goals and a thoroughly trained staff can help reduce risk as effectively as the most up-to-date technology.


Build Security into Your Company's Culture
The PurposeDevelop policies and standards to promote security. Plan a strategy that helps you evolve. Improve business processes to align security with your corporate goals. Train your staff in sound security practice.
Value to YouStreamlined processes that provide higher efficiency - and security at a lower cost. Tailored policies that don't overburden your organization. A complete solution that closes the gap opened by risky practices and untrained personnel. At the high end, security program management and interim strategic outsourcing.
How We WorkLearn your goals and constraints. Evaluate your current policies and practices. Assess your need for a security program. Analyze your business processes. Train your staff. Help you manage your program.
The ResultsAn effective and efficient security program. Practical responses to security and privacy problems. Tailored communications
Why VeriSignMost of our consultants are certified as Certified Information Systems Security Professionals (CISSPs). Our focus is consequences, not just risk. We help you stay competitive. Our business is security, not just consulting.
Learn MoreTo talk with us about security and your business, call 650-426-5310 or submit your inquiry online.
Or, see the Global Security Consulting Services Overview.

The Purpose

We help you make sure that your security policies and standards - and the people they’re intended to guide - are as sound as your technology.

Policies and Standards 
As part of any project, we carefully assess the gaps in your policies and standards - not just in your systems. We’ve discovered that almost all the problems we uncover aren’t just technical problems, they’re organizational problems. If you lack a security policy or a standard where you need one, we’ll help you develop it. If your policies and standards aren’t serving you well, we’ll identify why and help you improve them.

Strategic Planning 
Policies and standards that serve you well today might not be adequate in the future. The marketplace changes. New regulations come into effect. Threats evolve. We help you develop a strategic planning process so that you can evolve as circumstances change.

Business Process 
Security isn’t just about security, it’s about your business. We look at your organization as a whole to determine the impact a security or compliance failure might have on your operations, your reputation, and your business objectives. We help you assess and develop policies and standards - and a strategy - that both strengthen your security and advance your business goals.

Training and Awareness 
Policies and practices are effective only if your staff understands them and knows how their expected to comply. We make sure your company’s personnel - from the security experts to the management and rank-and-file employees - get the training needed to maximize the effectiveness of your policies and procedures.

Back to top

The Opportunity for Complete, Outsourced Program Management

If you want to concentrate solely on business, but still have the confidence that your business is secure, VeriSign can help. We are experts at implementing security programs. Between complementing your staff with our consultants and our cost-effective Managed Security Services, VeriSign believes it can address your strategic outsourcing needs.

Back to top

Interim and Deputy Chief Information Security Officers and Chief Privacy Officers

Chief information security officers (CISO) and chief privacy officers (CPO) are hard to find. They’re in short supply, and privacy and security are becoming increasingly visible. VeriSign’s Interim CISO and CPO program provides you with fully qualified officers who will learn your organization thoroughly. They can help you maintain compliance today and plan for the future as well. By providing senior security and privacy staff, we can help:

  • Define the CISO or CPO functions
  • Jump-start stalled security or privacy efforts
  • Maintain momentum in existing programs during your search for a permanent CISO or CPO

We can also provide Deputy CISO and CPO services to augment your capabilities if you already have a CISO or CPO in place.

Back to top

Value to You

Higher Efficiency, Lower Cost 
We design a security program with your company in mind - with your business objectives at the forefront - so that you can improve your security posture while remaining focused on your core revenue-generating pursuits. Both your IT professionals and their customers - the rest of the company - can work more smoothly, which helps the company save precious time to market.

The Fit That’s Right for You 
We take what you’re doing right and make it better. We don’t have to impose an entirely new system on your organization. We make sure you help protect your company from threats and adhere to regulatory requirements - but we also make sure the program we recommend doesn’t burden your organization.

A Complete Solution 
Most security problems aren’t just technical, they’re organizational. Good policies and practices and a thoroughly trained staff can help reduce risk as effectively as the most up-to-date technology. Computer crime is an ever-growing risk, and its consequences can range from the minor to the catastrophic. Many companies that suffer catastrophic security breakdowns never recover. Inadequate policies and practices and untrained staff are a serious security gap.

Back to top

How We Work

  1. We learn your goals and constraints.

We meet with key personnel to understand:

      • Your business goals
      • The money and staff you can devote to improving your security

We want to tailor our recommendations to your goals without overtaxing your resources.

  1. We evaluate your current policies and practices.

We compare your current policies and practices against your business goals and industry standards.

  1. We assess your need for a security program.

We want to help you develop a strategic planning process - so your company can evolve as market demands, regulations, and threats change. We also want to help you reduce the total cost of security.

  1. We analyze your business processes.

We want to make sure that the security technology that you’re using - or considering - serves to strengthen your security and to advance your business goals. We also want to make sure that your IT processes are providing security where it matters - to everyone in your company.

  1. We train your personnel.

We identify what everyone in your company needs to know to make your policies and practices effective – and provide workshops to educate them. We focus on the specialized needs of your IT staff, the rigorous requirements for management, and the general awareness all employees need.

Back to top

The Results

An Effective and Efficient Security Program 
We develop security policies and practices that are effective because they meet the established standards of your industry. We also tailor them to your corporate goals - so they make your business run more smoothly.

Practical Responses to Security and Privacy Problems 
We base your policies and practices on industry standards to make sure they’re sound. We align them with your business goals to make sure they make sense for you. We help you develop a strategic planning process to make sure policies and practices continue to make sense in the future.

Tailored Communications 
We tailor our recommendations to speak clearly and effectively to the people they affect. We provide executive summaries for decision makers - and the specialized details that give your technical staff the information they need to implement the policies and practices we recommend.

Thorough Training and Awareness Building 
Our workshops cover general-interest topics such as password security and acceptable Internet use. We also provide specialized training in:

  • Regulatory compliance issues, such as Sarbanes-Oxley, HIPAA, and the Gramm-Leach Bliley Act
  • Technical areas such as VPN, intrusion detection systems, and incident management and forensics

Back to top

Why VeriSign

Our team of consultants is made up of Certified Information System Security Professionals (CISSPs). Read about Our Expertise.

Security isn’t just about security, it’s about your business. We focus not on vulnerabilities, but their threat to your business. Read about Our Approach - the foundation for all our work.

We help you stay competitive - we use our knowledge and experience to benchmark your risk against your industry. Read Industries We Work With to learn more about our experience in your industry.

We’re a security company with a consulting practice, not a consulting company with a security practice. Read about The Value of VeriSign.

Back to top
Contact Us
Please contact sales at
650-426-5310
Submit an inquiry online
Global Security Consulting
Services Overview
Enterprise Security Assessments
Enterprise Compliance Assessments
Security Certification Program
Incident Response and Forensics Services
Technical Security Assessments
Security Policy and Program Services
Security Architecture and Design Solutions
Identity and Access Management Services
Disaster Recovery and Business Continuity Solutions
Information Center
About Global Security Consulting
Industries We Work With
Public Sector Compliance Services
Compliance and Your Business
Resources



ABOUT SSL CERTIFICATES