Information Security Policy - Template 2

Information Security Policy – Template 2

Information is a valuable asset to the Company. All Company employees, contractors and third-parties are expected to protect Company information. To accomplish this, the Company has established safeguards to protect its information from unauthorized modification, destruction and disclosure. Information Security Policy provide a foundation for the successful operation of all such safeguards.

The objectives of information security policies are to:
• Set forth policies to protect the confidentiality of sensitive information and safeguard it against unauthorized access and disclosure, whether intentional or accidental
• Promote the integrity of information assets by setting forth policies to protect such assets from unauthorized accidental or intentional damage, modification, and destruction
• Assure the availability of information by establishing policies to assure continued access to information regardless of unplanned business interruptions

CONTENT

1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. MINIMUM ROLES AND RESPONSIBILITIES
3.1 COMPANY MANAGEMENT
3.2 INFORMATION SECURITY OFFICER
3.3 COMPUTER USERS
3.4 INFORMATION OWNERS
3.5 SYSTEM AND NETWORK ADMINISTRATORS
4. VIOLATIONS AND NON-COMPLIANCE
5. PROTECTED INFORMATION
6. INFORMATION CLASSIFICATION
7. ACCESS TO INFORMATION ASSETS
8. DATA TRANSMISSION USING NETWORKS
9. REMOTE ACCESS
10. VENDOR REQUIREMENTS
11. SECURITY INCIDENT MANAGEMENT PROGRAM
12. PASSWORD & AUTHENTICATION SYSTEM POLICY
12.1 AUTHENTICATION SYSTEMS FOR COMPANY EMPLOYEES
12.2 SERVICE, SHARED, AND “ACTAS” (“SUDO”) ACCOUNTS
12.3 PASSWORD RULES FOR INTERNAL SYSTEMS
12.4 CLIENT LOG-IN AUTHENTICATION
12.5 PASSWORD RULES FOR CLIENT PRODUCTS
13. EXCEPTIONS
14. FINAL CONSIDERATIONS
14.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
14.2 DOCUMENT REVISION

Pages: 15

Review Information Security Policy – Template 2.

Your email address will not be published. Required fields are marked *

Related Products:

€79.99

Purchase

The objective of the Cryptographic Controls Standard is to outline the minimum information security controls which must be applied when cryptographic services and solutions are utilized by the Company. Specifically, this Standard focuses on key management requirements, acceptable algorithms, appropriate key lengths, and raises pertinent regulatory considerations relating to the use of cryptography.

€49.99

Purchase

The Data Protection Policy outlines the principles that must generally be complied with when processing personal data, in particular when transferring such data. The objective of this policy is to ensure compliance with legal requirements when processing personal data.

€79.99

Purchase

The Privacy and Data Protection Policy sets forth minimum standards for the collection, access, use, disclosure, disposal, safeguarding and other handling of certain nonpublic identifiable information on current, former, and prospective employees, clients and other third parties that the Company keeps or uses for business purposes. Such information is referred to as “Protected Information”.

Get  Your Free Sample

Please use the form below to subscribe to our list and receive a free procedure template!
GET YOUR FREE TEMPLATE
>
close-link