Policies and Procedures
Industry: Financial Services
The Need
The corporate security department of a national financial organization has responsibility for physical security, investigation of fraud, and compliance with security regulations. The department communicates its efforts to other executives, auditors, and regulators. To meet upcoming regulatory audits, the department needed to have a complete documented set of policies, processes, and procedures.
Solution
A Dashe & Thomson consultant performed a gap analysis to determine what documentation currently existed, what was redundant, and what was obsolete. The consultant then created a project plan that included a definition of purpose, audience, and scope. The plan included definitions and roles and responsibilities. The consultant created standards and a style guide for clear, complete, and easy-to-read documentation. The standards and style guide were used as a basis to modify existing policies, processes, and procedures, and to write new ones. The documentation was reviewed according to the review and approval process established in the project plan.
Results
The completed documentation met the department needs for presentation to auditors and regulators. It has since used the documentation for departmental training and reference, as well as for business continuity planning.