#64: Cash in the Cyber Sheets - How to Actually Write Security Policies That Work
So you've got frameworks, regulatory requirements, client expectations, and a million checkboxes to tick... but how do you actually write policies that make sense, get followed, and don’t make your staff cry? That’s exactly what we’re tackling in this solo episode of Cash in the Cyber Sheets.
In this episode, James pulls back the curtain on one of the most common pain points organizations face—translating a mess of compliance obligations into clear, useful, and auditable information security policies.
You’ll hear about:
- The disconnect between frameworks and real-world implementation
- How to stop chasing “perfect” policies and focus on practical ones
- The simple method we use at Input Output to create policy sets that are easy to build, communicate, implement, and audit
Whether you're working with NIST, ISO, CMMC, HIPAA, GLBA/FTC Safeguards Rule, or a Frankenstein mix of frameworks, James walks you through a refreshingly human (and slightly irreverent) approach to solving your policy puzzle. You’ll hear how we bridge the gap between checkbox compliance and operational reality—with strategies that even non-technical stakeholders can wrap their heads around.
You’ll also get a glimpse of how this approach supports ongoing audits, internal reviews, and policy updates without starting from scratch every time someone sneezes near a new regulation.
So if you’ve ever stared at a blank “Acceptable Use Policy” and wondered where to start—or if you’ve inherited a pile of legacy policies that are 18 pages too long and 5 years out of date—this one’s for you.
🧠 Practical. 🔐 Secure. 📝 Scalable.
Tune in and learn how to write policies that work for your business, not just the auditor.