Learn how to document your policies and manage the policy center
The policy center is a great feature within the Scytale web app, that allows you to manage all your policies and procedures in one place (see screenshot below). These documents should describe all the processes in your company relating to information security, risk assessment, vulnerability management, etc. You need to ensure that all the policies and procedures are reviewed and kept up-to-date every year. Should you have any missing policies and procedures, Scytale will provide you with templates of any such missing policies and procedures.
In the policy center, you can assign an owner to each policy and each owner will be responsible for signing off the policy. You can also click on the column names to sort the documents by name/owner/status/modified date.
The status of the policies will be changed automatically when any policy is updated:
- Pending - When the policy is uploaded, but no editing has been done yet.
In Progress - Once you start to edit the file and save it.
Sign off - When you have signed off the policy.
The modified column shows when the last edit occurred. If no changes have been made, the column will show the date of the policy creation.
Clicking on the three dots at the end of the line will open a window showing options for editing, deleting, and exporting the file. When the policy is signed off, you can then export the file and the policy will be saved on your local drive. In addition, there is an export all button for exporting all the policies that were signed off.
You need to review all the policies on an annual basis. When reviewing the policies, you need to replace the highlighted yellow words with ones that will fit your processes, and remove the highlighting. After you have reviewed the policies and made all the changes, you must sign them off. The following policy details will be provided to you:
- Last update: The date of the last change made in the document.
Last approval: The date of the last signed off.
Next update: The date when the policy needs to be reviewed.
Version: Each change updates the version. When you edit the policy the version is updated from 1.0 to 1.1. When the policy is signed off, the version will be updated to 2.0.
If there are any queries or questions, please use the comment section to communicate as such.