Skip to content
Policy Acceptance Template
  • Pages
    • Welcome!
    • Live Policies
      • Acceptable Use Policy
      • Access Control Policy
      • Asset Management Policy
      • Backup Policy
      • Business Continuity and Disaster Recovery Policy
      • Change Management Policy
      • Code of Conduct
      • Data Classification and Handling Policy
      • Data Protection Policy
      • Data Retention and Deletion Policy
      • Encryption & Key Management Policy
      • Exception and Enforcement Policy
      • Incident Response Policy
      • icon picker
        Information Security Policy
      • Internal Security Audit Policy
      • Network Security Policy
      • Password Policy
      • Physical Security Policy
      • Responsible Disclosure Policy
      • Risk Management Policy
      • Secure Development Policy
      • Vendor Management Policy
      • Vulnerability Management & Patch Policy
      • Wireless Communication Policy
    • Admin
      • Policy Compliance
      • Acceptance Log
      • Live Policies Admin View
      • Policy Changelog
      • Template Policy
Policy Acceptance Template
/
/
Information Security Policy
Share
Explore

Information Security Policy

Overview

Purpose

The purpose of this policy is to establish guidelines and procedures for safeguarding company data and technology assets.

Scope

This policy applies to all employees, contractors, and third-party vendors who have access to company data and technology assets.

Policy

Access Control: Access to company data and technology assets should be granted on a need-to-know basis. Employees should not share their login credentials or access company data on personal devices.
Data Protection: Data should be classified based on its sensitivity level and appropriate security measures should be implemented to protect it. This includes encryption, backup, and disposal procedures.
Incident Response: All security incidents should be reported to the IT department immediately. Employees should not attempt to investigate or resolve security incidents on their own.
Physical Security: Access to company facilities should be restricted to authorized personnel. Physical security measures such as locks, security cameras, and alarms should be implemented to protect company assets.
Information Security Awareness: All employees should receive regular training on information security best practices and policies.

Enforcement

Violation of this policy may result in disciplinary action, up to and including termination of employment or contract.

Revision History

Date of Change
Policy
Notes
1/31/2022
Policy Created
No results from filter

Accept

Information Security Policy 1.1
By clicking this button I acknowledge that I have read the above policy and agree to comply with the policy
No results from filter


Revision and acceptance filter:
DO NOT CHANGE


Overview
Purpose
Scope
Policy
Enforcement
Revision History
Accept
Gallery
 
Want to print your doc?
This is not the way.
Try clicking the ··· in the right corner or using a keyboard shortcut (
CtrlP
) instead.