Policies

[carhartlewis]

• Create default set of policies when a new organization is created
  • Trigger task to add the policies
  • Only create policies for selected frameworks (e.g. SOC 2, ISO 27001, GDPR)
• Policy editor
  • Notion-like editor for UX
  • WYSIWYG
  • AI assistant
  • Save on update
• Settings
  • Update / change policy name
  • Assign to a category (HR, GOV etc)
  • Assign to a user
  • Edit review frequency (monthly, bi-annually etc)
  • Mark as employee signature required
  • Delete / remove policy
• Create policies (convert MD to TipTap JSON)
  • Application Security Policy
  • Data Classification Policy
  • Access Onboarding and Termination Policy
  • Availability Policy
  • System Change Policy
  • Data Classification Policy
  • Code of Conduct Policy
  • Confidentiality Policy
  • Business Continuity Policy
  • Cyber Risk Assessment Policy
  • Datacenter Policy
  • Software Development Lifecycle Policy (SDLP)
  • Disaster Recovery Policy (DRP)
  • Encryption Policy
  • Security Incident Response Policy (SIRP)
  • Information Security Policy (ISP)
  • Log Management Policy
  • Removable Media and Cloud Storage Policy
  • Office Security Policy
  • Password Policy
  • Policy Training Policy
  • Privacy Management Policy
  • Processing Integrity Policy
  • Remote Access Policy
  • Data Retention Policy
  • Risk Assessment Policy
  • Vendor Management Policy
  • Workstation Policy

[linear]

COM-13 Policies (copy)

[austinsonger]

Is there a branch for this?

[carhartlewis]

Merged what we have into main, so feel free to create one! We're changing the structure of how we seed files/policies at the moment, (cc @Marfuen).

[austinsonger]

So I will be creating a Draft - Pull Request later tonight with many of the policies in the json format (in /src/jobs/seed/policies).

[carhartlewis]

So I will be creating a Draft - Pull Request later tonight with many of the policies in the json format (in /src/jobs/seed/policies).

Awesome, I've only created a few so far. Tag me in the PR and I'll get it merge