Go to Top

Preparation of IS Policy and ICT Manual of an Insurance Company in Bhutan

The Assignment
MaGC was appointed to prepare the Information Security Policy (IS Policy) and an Operations Manual for the Client’s ICT department. The Management desired to implement standard policies, safeguard ICT Assets, and standardize ICT usage and services among its employees.

MaGC Approach
MaGC conducted detailed discussions with key stakeholders & Management and undertook a field study to understand the existing infrastructure, systems and processes in place. This was followed by a brainstorming session with the ICT team to finalise the contents. MaGC prepared the Information Security Policy, ICT Guidelines, and Operations Manual incorporating a combination of existing policy/practices, industry best practices, and Management desired controls.

The Policy and documents were validated with client in detail and their comments/feedback incorporated.

The Output
The final output was the IS policy and ICT Operations Manual. MaGC team conducted a sensitisation training for the ICT department to familiarise the team with the contents of the Policy and Manual. As part of this exercise, interactive sessions were held and a roadmap for implementation was drawn up jointly by the Trainers and Trainees.

Click here to read the complete success story.