return to Consultancy Services
Consultancy Service

Controls, Policies and Standards Support

riskemerging threatstechnologygovernancesupply chaincloudcomplianceai

Are you sure your security standards are up-to-date?

Leverage the most recent ISF Standard of Good Practice for Information Security (SOGP) to develop, validate and improve your security controls and policies – creating standards that staff across the business can easily follow.

Why work with ISF to support your Controls, Policies and Standards?

Whether you need help to update your security policies to account for new technologies or applications, or to ensure that the controls covered in your policies conform to your organisation’s risk profile, ISF Services can help.

We can create new standards or adapt your existing standards to be more business-centric, allowing stakeholders to better understand their roles in ensuring the organisation’s information security goals are met.

Who will this help?

CISO and senior security team | Risk, audit and compliance team | Security practitioners.


Engaging the ISF for Controls, Policies and Standards Support provides you with:

An assessment to identify the overall context and required objectives.

A review of your organisation’s existing policies and standards.

A GAP assessment against the ISF Standard of Good Practice for Information Security.

A set of updated materials incorporating your organisation’s required changes.

Want to find out more?

Get in touch to discuss how you can build a strong foundation for business resilience based on ISF security controls frameworks.


ISF Standard of Good Practice for Information Security

Explore our leading and internationally recognised set of good practice covering all aspects of cyber resilience, information security and risk management.

Download the Executive Summary


Our industry leading insights, tools, training, and events help our Members tackle cyber challenges with confidence. Find out how being part of the ISF community can drive your organisation towards better cyber security today.