One of the foundations of compliance with the various Information Security Regulations (HIPAA, PCI, and others) is that compliance activities, policies, procedures, and systems information must be fully documented.
The documentation must be flexible and accurately representative of the systems, information flows, policies, and procedures that are in place at any point in time, in the past as well as currently.
While it may be possible to create and maintain such documentation using paper-based systems or sets of Microsoft Word documents, maintaining the information and keeping it up to date can be a significant task, and it is easy to fall behind. Once you fall behind, you are out of compliance.
Is there some way of more easily managing all this documentation? Is there a way that is easier to implement and update, without having to spend significant dollars on software licensing and dedicating a resource to manage the documentation?
Lewis Creek Systems is experienced in assisting clients in establishing and economically utilizing documentation management systems based on open-source, royalty-free Wiki technology, which is now in use by many leading companies and organizations.
Why is a Wiki a good documentation tool?
Wiki technology is an easy to use, open-source Web site technology. The benefits of Wiki technology for information security regulation documentation are:
• The structure of the system can be flexible
• No special programming language knowledge is required to edit content
• Changes are tracked and auditable, and capable of being rolled back
• The content in place at any particular point in the past can be determined
• The system can be customized and scripted to provide automatic updating of information
• There are no software licensing costs.
The result of using Wiki-based technology is a documentation system that is flexible and can allow easy, auditable modifications so that the documentation always keeps up with reality over time. With a Wiki-based documentation system in place, you will be better able to meet information security documentation requirements as well as ensure a rapid recovery from any adverse situations that may take place.
When you use a Wiki for your information security regulation documentation, you can easily document information about system support and configuration that is necessary for managing all levels of disaster recovery. You can keep track of all your hardware, software, and services, as well as the resources necessary to replace or support them day-to-day and in the event of a system failure or loss of facilities.
For further information about Wikis, see:
• http://wikipedia.sourceforge.net
How can Lewis Creek Systems help?
While using and maintaining a Wiki is easy, getting started can be a daunting task. You’ll need to identify all your information technology assets and collect the information necessary to populate the Wiki with the initial status of systems and networks, as well as the crucial information needed for recovering from system failures and other disasters.
Lewis Creek Systems has the experience in establishing Wikis (and other technologies) for business and healthcare organizations that can help you get started quickly and maintain the system yourself well into the future.
We can provide the resources to assist in the initial installation as well as the work necessary to create the initial documentation set. In addition, Lewis Creek Systems can place your documentation of compliance activities into the Wiki and link your policies and procedures to the regulatory requirements so that you can easily show your state of compliance.
Given the significant amount of work required in establishing any documentation system, it is clear that the best way to get started is to call on Lewis Creek Systems for assistance. We can help make it easy to get into compliance and stay compliant.
Go to the Services Overview