Learn how to document your policies and manage the policy center
The policy center is a great feature within the Scytale web app, that allows you to manage all your policies and procedures in one place (see screenshot below). These documents should describe all the processes in your company relating to information security, risk assessment, vulnerability management, etc. You need to ensure that all the policies and procedures are reviewed and kept up-to-date every year. Should you have any missing policies and procedures, Scytale will provide you with templates of any such missing policies and procedures.
Policy Center
The Policy Center is organized into six columns:
- Policy Name - The title of the policy.
- Owner - The person responsible for signing off the policy.
- Framework - The framework to which the policy belongs.
- Status - This automatically updates based on the policy's progress:
- Pending: The policy is uploaded but not yet edited.
- In Progress: The policy has been started and saved.
- Sign Off: The policy has been signed off.
- Modified - The date of the last edit. If no changes have been made, it shows the date of policy creation.
- Options (3 dots) - Clicking the three dots opens a menu with options to edit, delete, and export the file. Once the policy is signed off, you can export it and save it to your local drive. There is also an "Export All" button to export all signed-off policies.
Note: You can sort the data by clicking on the column names (Name, Owner, Status, Modified Date).
Policy Editor
You need to review all the policies on an annual basis. When reviewing the policies, you need to replace the highlighted yellow words with ones that will fit your processes, and remove the highlighting. After you have reviewed the policies and made all the changes, you must sign them off. The following policy details will be provided to you:
- Last update: The date of the last change made in the document.
-
Last approval: The date of the last signed off.
-
Next update: The date when the policy needs to be reviewed.
-
Version: Each change updates the version. When you edit the policy the version is updated from 1.0 to 1.1. When the policy is signed off, the version will be updated to 2.0.
If there are any queries or questions, please use the comment section to communicate as such.