For most organisations, maintaining security is an essential part of ongoing business and to reduce the likelihood of a security failure, the process of implementing security has to be formalised. The formalisation of security solutions takes the form of a hierarchical organisation of documentation sets with each level focusing on a specific type or category of information and issues. Security policies, standards, processes and procedures are essential.

During a Documentation Set Review, IRM will first identify the exact documentation framework that has been adopted by the organisation. Each document will be reviewed against both security best practice and its applicability and suitability within the hierarchical layer.

During Documentation Set Development, IRM will initially engage with the business to understand and advise on any documentation framework that the organisation has in existence, or that the organisation should adopt going forward. Consultants will work closely with the client at all business levels in order to understand operation requirements and the business model in use. Once the framework and requirements have been identified, IRM will draft the relevant security documentation sets, transposing and merging business requirements with security best practices.