

SWORDFISH POLICY MANAGEMENT MODULE
SWORDFISH® Policy Management module aims to operationalize and automate the management of Information Security Framework documents throughout their whole life cycle. The Information Security Framework, may consist of multiple elements such as Policies, Procedures, Standards, Implementation guides, etc.
A MODERN SECURITY FRAMEWORK
Policy Management Module serves as a centralized policy management system which allows the effective and efficient management of a modern Security Framework in one single and interconnected repository.
CAPABILITIES
Policy Management Module, as part of its core functionality, provides the following technical capabilities:
Create your own Information Security Framework from the ground up based on widely accepted Security Frameworks (e.g. ISO 27001:2022, ISO 27002:2022, NIST 800-53 and more)
Using as a basis all the widely adopted regulatory frameworks: ISO27001 and ISO 27002, NIST CSF with more than 10 Sectorial, National and International Regulatory Frameworks such as EU GDPR, PCI DSS, EU NIS Directive, KSA SAMA, KSA PDPL, UAE PDPL and more.
Database with interconnected Regulatory Frameworks minimizing efforts for achieving and demonstrating compliance with multiple frameworks.
Available corporate documents can be uploaded that can also be mapped with Regulatory Frameworks and Security Standards
Manage policy lifecycle upon development by facilitating reviews and approvals as well as distribution of documents.
Notifications to stakeholders and assignment of tasks.
Controlled access to Information Security Documentation based on roles and business needs.
Benchmarking with peers on regional, international levels based on anonymized data.
Manage the whole lifecycle: Draft, Approval, Distribution, Acknowledgment, Review.
Periodic reviews and re-approvals. Frequency and range can be completely tailored to the organization’s structure and requirements.
Version controls and standardized archiving process.
Advanced reporting and dashboards.
Benchmarking with peers on regional, international levels based on anonymized data.
Follow up on mitigation actions and deadlines enforcing for each working package.


MRC BROCHURE
Access the brochure and learn more