Writing any policy or procedure can be an overwhelming task. The policies and procedures required as part of the TR-39 or PCI PIN security requirements can be even more so since the topic is very detailed and specific actions must take place in a proper order, else severe consequences can occur, i.e., a key compromise.
The Internet offers a multitude of possible tools or templates for writing procedures; however, since TR-39 and PCI PIN require specific detailed actions and tasks, many of the templates on the web are not easily converted for use in the asymmetric or symmetric cryptographic keying environments.
As a means to provide a standardized foundation for the development of procedures specific to the management of symmetric cryptographic keys and hardware, Delap developed the Modifiable Procedure Templates.
This product includes procedure templates for most life-cycle events performed using symmetric cryptographic keys and their correlating secure cryptographic devices (SCDs). Although, designed for use within the symmetric key environment, the templates can be easily adapted to work in the asymmetric cryptographic environment too.
The tool is Microsoft WORD® based and as the title indicates – all templates are modifiable. Proficiency with the use of WORD® and its features and functions, specific to tables is required.