Standard Operating Procedure

Standard Operating Policy (SOP)

Step-by-step written instructions and documentation for team members to follow for best practices in security and compliance.

Contents of Policy

• Should describe “should(s)” When “should” you do something. e.g “You should always work in your home office as a secured space, but it is not always required”
• Should describe “must(s)” When “must” you do something. e.g. “You must always ensure your computer is encrypted and has a default lock screen enabled after 5 minutes of away time to ensure no physical access can be taken while unattended”