Skip to main content

5. Policies Management

Once you have created or imported a policy structure, you can begin managing your policies to align with your organisation’s cybersecurity and compliance objectives.


Key Features for Managing Policies

Edit Policies

Update policy codes, define their names, and provide descriptions to accurately reflect their purpose.

Define Policy Contextual Information

Include critical information such as the overview and purpose, scope, policy compliance, definitions, terms, and any additional details to meet your contextual needs.

Add New Policies

Create additional policies as needed to expand your organisation’s cybersecurity maturity and compliance posture.

Delete Policies

Remove outdated or unnecessary policies to keep your environment current and focused.

Reorder Policies

Use drag-and-drop functionality to reorganise your policies, improving logical flow and usability.

Assign Owners

Owners can be assigned to each Policies to ensure accountability and clarity.

Steps to Assign Owners:

  • Click on the "Owners" button.

    Owners-2.png

  • In the drawer, select one or multiple users as owners.

  • Specify whether the ownership should be applied recursively to underlying categories and subcategories.

  • Click the blue "Assign Owners" button to save your changes.

Set Maturity Levels

Define both current and target maturity levels for each policy to monitor progress and establish improvement goals.

Add and Manage Evidence

Attach supporting documentation to substantiate each policy, such as audit reports, procedures, or references.

Compliance with Framework Changes

Link your policies to your framework to automatically track and display changes. When a linked framework is updated, notifications in the Policies Manager will alert you to review and adapt the affected policies.

Collaborate and Document

Add comments, document changes, and maintain a modification history for transparency and accountability among team members.


📌 Note

Each policy has a unique standard code displayed at the top of its card (e.g., P_00001, P_00002, etc.), ensuring its uniqueness and traceability within your environment.