Security Policy Writing

Stuart's new venture! is a website where people looking to gain the knowledge and skills required to develop great security policies for use in certifications including SOC 2 & ISO 27001

Who needs to understand policy development?

Cyber Security students

Anyone trying to break into the industry will be viewed by an employer as being more valuable if you can write great policies and reports. You instantly provide more ability than someone who does not have this skill, setting you above competitors for open cyber roles.

GRC professionals

Market research proves that the majority of Governance, Risk and Compliance positions require candidates to understand the development process for security policies. Companies need policies to meet the requirements of security frameworks. If you can do that, the value you add is far more attractive to an employer.

Cyber security managers

Part of your responsibilities will require you to collaborate with GRC personnel to review and sign off on security policies and procedures. If you understand why the policy is required, and how to ensure specific security controls are documented and implemented from the policies, you will be far more effective in your role.

Start-up Business owners

You have built your products and have started to attract customers. You are excited to take on a major new contract. Out of nowhere, they ask for your SOC 2 report or ISO 27001 certification. You um and ah. They tell you they want to work with you but require you to become certified before signing a contract with you. Rightly so, they need to make sure their customer and employee data is protected.

Having the policies in place to meet the requirements of the certifications will make your transition to an ISO 27001 Certified Company a great deal easier.

PolicyWizard Courses

Security Policy Cheat Sheet

A simple guide to help you understand the very basics of policy development. Download it now and you'll soon be making yourself indispensable in your organization.

Security Policy Foundations

In this "Pay what you can" foundational level course, I will show you how to cast your first spells as a budding Security PolicyWizard. You'll learn the basics:

What is security risk? What is a security policy?

What is a security framework? What is a security risk?

Security policy considerations:

- Layout - Readership - Accountability - Policy length - Legal terms - Title & references - Templates - Tracking methods - Development tools Plus a bunch more

Security Policy Masterclass

Remember the bit in Lord of the Rings where Gandalf fights the Balrog in the Mine of Moria? Well, this course is like that. Security policies are the Balrog, and you, well you are Gandalf the Gray. Standing on the bridge between where you are now, and your future as a Security PolicyWizard. You'll fight the monster, emerge victoriously and arise as Gandalf the White. You Shall Pass! I will show you the way.

Stuart W

Certified Policy Management & GRC professional

A highly motivated and innovative information security professional, specialising in the reduction of human risk through the development and implementation of targeted enterprise security policies. Utilizes expert policy writing and security framework knowledge to reinvigorate policy management, enhance enterprise risk management programs, and translate technical security concepts into easy reading.

Begining in the military gained a detailed understanding of security within the physical and the InfoSec realms. He now utilizes over 15 years of experience to help businesses protect their employees, customers, and intellectual property.