Frequently Asked Questions
The InstantSecurityPolicy.com Process
How does the process work?
After you create your account, our innovative, online process asks you a series of questions in plain English, and then instantly generates a custom set of security policies based on how you answer the questions. You can use the policies as is, since they are already populated with your company's information, or tweak them to further fit your needs. Of course, the best way to understand the process is to go through it yourself. Click here for a free trial, which will allow you to generate a single policy at no charge.
How can an instant policy really be custom?
We drew upon our years of policy-writing experience to automate our standard "question and answer" session and provide it via the web. This simply automates the process we would follow when writing a custom policy. The end result is the same policy you would get if you spent thousands of dollars to engage our security consultants to write you a custom policy.
A policy generated online can't be as good as a policy written by a security consultant, can it?
There is in fact no difference - our policy statements were custom written by experienced and certified security professionals. The only difference is that you have the control over what you want your policy to say.
What makes InstantSecurityPolicy.com different from online templates?
While policies created via the InstantSecurityPolicy.com application are fully editable, our offering is much, much more than simply templates. Our wizard uses an innovative series of questions to customize your policies for you, so they are useful as soon as you receive them. Unlike generic template-based solutions, we provide you a useful policy - not a project!
Why shouldn't I just create my own policy?
There are two answers to that question, the first is that creating the policies that we offer in minutes would take an experienced technical writer a month or more. The second answer is that our policies are written by certified, experienced security consultants with years of experience in IT Security documentation, which will result in a much better product. This topic is covered in more detail in our helpful whitepaper, which can be found here.
How long will it take to create my policy?
The time it takes to complete the wizard will vary from person to person, however time estimates are: Bronze Package - 15 minutes, Silver Package - 25 minutes, Gold Package - 40 minutes. If time is an issue, you can save your work during the question-answering process and come back later when you have more time.
We need input from multiple people when answering the questions, is it possible to get a hardcopy of the questions?
Yes, some users find it useful to have the questions in a hardcopy format. After your order, upon request, we can send you a PDF of all the questions and answers. This is helpful if you want to review or discuss the questions in a meeting with the IT group or executive team before answering them online.
Why do I need a security policy?
A Security Policy is the foundation of a company's security strategy in a very specific manner. This allows for the successful implementation of a long-term security strategy. Perhaps as importantly, having a written policy (that your users agree to in writing) reduces your exposure to risk and legal liability.
Policy Format & Delivery
Will my final report have the InstantSecurityPolicy.com logo on it?
No. Our policies are standard enough that they can fit into most any company's documentation. Your policy will mention only your company's name and will not include any information about where or how it was generated.
In what format will my policies be?
Your policies will be immediately delivered to you as a zipped archive of Rich Text Format (RTF) documents, which are easily editable in all major word processing programs. While the policies are universal enough to work with any word processing program, they were specifically optimized for Microsoft Word 2003 and later. Also included are PDF versions of the same policies, which can be put immediately into use.
Will my policy be delivered as one file or multiple files?
What is commonly called a "Security Policy" is actually a collection of policies covering the different aspects of a company's IT Security. We have found that some companies don't have an immediate need for every policy included with the package they purchased. For this reason, we deliver the policies as distinct files, which can be used separately or easily combined into one document if desired.
How are my policies delivered?
After you complete the Q&A process your policies are created immediately and delivered via email. This is an automated process and happens instantly.
Can I review a sample policy?
Visit our samples page for sample policy pages as well as a useful whitepaper "Creating and Implementing an Effective IT Security Policy." You can also set up a trial account to generate a free sample policy customized to your company.
Do you have a free trial?
Absolutely, click here for a free trial, which will allow you to generate a single policy at no charge.
Can I use your policies to comply with complex security regulations and standards?
Yes - in fact, 90% of our customers use their policies for just that - including PCI DSS, HIPAA, Sarbanes-Oxley, the ISO standards, Mass 201 CMR 17.00, 21 CFR Part 11, SAS70, and more. Our policies were developed using the "CIA Triad" of Confidentiality, Integrity, and Availability, which is a concept shared by all major regulations and standards. We are in the process of developing compliance information for all the major regulations - currently you can review our compliance data on the PCI Data Security Standard, HIPAA, and Massachusetts 201 CMR 17.00.
I need a PCI DSS 2.0 compliant policy - should I buy both your Gold Package
and your Instant PCI Policy?
Probably not - our Instant PCI Package is based on our Gold Package. In fact, we developed the policy by starting with our popular and comprehensive Gold Package and adapting it to cover version 2.0 of the PCI Data Security Standard. It isn't exactly the same as the Gold Package, but it covers the same topics (and more) that the Gold Package does. The main difference, of course, is that our Instant PCI Policy is not customized via a questionnaire like the Gold Package is - you would be able to access it instantly upon purchase. We do have companies, however, that would like to purchase both. If you would like to generate both policies, you can do so for the discounted rate of approximately $900. Please contact us if you are interested in purchasing both packages.
What payment options do you offer?
We currently accept secure online payment by MasterCard, Visa, American Express, and PayPal. PayPal gives us the flexibility to accept virtually any payment method, such as Discover, e-check, and many other options, regardless of whether you have a PayPal account - please contact us for more information on this option.
How do you secure my credit card information?
Your credit card information is transmitted securely over SSL encryption to our servers. We then use strong SSL encryption to secure credit card transactions through Authorize.Net, the largest credit card payment gateway in the United States. We do not store or retain your credit card information after your transaction has been processed.
If I buy a Bronze or Silver package but later want to upgrade, is this possible?
Yes, you can upgrade your package at any time after purchase. It is less expensive, however, to purchase the larger package initially.
Do you have a guarantee?
Yes. At any time within 30 days of your order, if you are not completely satisfied with your policies and we are unable to resolve the issue to your satisfaction, we will provide a 100% refund.
Value Added Reseller Program
Do you offer a reseller program?
Yes, we understand that some companies may need help to not only create their policies, but to customize and implement them. This is where we rely on our network of Value Added Resellers. We are always looking for partners who want to help their customers implement a solid IT security program, so please contact us if you are interested.
I am an IT Consultant and would like to offer your policies to my customers - is this possible?
What are others saying about InstantSecurityPolicy.com?
See for yourself on our Customer Testimonial page here. We maintain a 98% customer satisfaction rating based on our post-sale customer survey.
What if there is a problem with my order?
We are committed to customer service and will do everything we can to resolve any issues to your satisfaction. As a last resort, we offer a 100% money-back guarantee if you aren't satisfied.
Are your policies only for US-based companies?
Not at all! In addition to the United States, we have happy customers in countries ranging from the United Kingdom to Malaysia to Saudi Arabia, and everywhere in between. Our security policies are written to comply with internationally-accepted industry best practices, and are not tied to any single country's security regulations or standards.
"You helped me get this monkey off my back. I look like a hero."
Mary Crutchfield - Network Manager, New York, NY
"PCI compliance was too complicated for me to waste time figuring how what I needed. Your IT security policies took that burden from me. I edited the policies to include a handful of items specific to our company and this project was complete."
Sam Evans - IT Director, Tulsa, Ok
"Thank you for making my life easy."
David Owens - Small Business Owner, Misson TX
"I've been in the business a long time and these IT policies and procedures are very well written. Incredible value."
James Overton - CTO, Dubai, United Arab Emirates