Template - Corporate Information Security Policy
Implementing an Information Security Management System within a company is not a simple process. But as all things, it needs to begin somewhere and the right place to begin is at the top.
All information security efforts should start with a strong top management commitment. This commitment is usually communicated via the Information Security Policy.
The Policy needs to be concise, easily readable by all employees and should clearly express the following statements:
- Management is very serious about Information Security
- All employees are responsible for and must enforce Information Security
- Operational responsibility and guidelines for the Information Security Management will be delegated to the named persons and via the named documents
And if you think that by now everyone should have this done, think again. A lot of fairly large organizations don't have this document created and communicated. The freshest example is the City of San Francisco, which apparently did not have a proper policy in place.
Information Security Short Takes has prepared a Template document, that you can download and use as a basis for your own Information Security Policy.
Download the Information Security Policy Template HERE
Related posts
Template to Regulate your Firewall Configurations
Talkback and comments are most welcome
Subscribe to:
Post Comments (Atom)
2 comments:
Nice Reading. Thanks.
LRQA helps bring integrity, independence and world-renowned recognition to your assurance claims.
Quality-ISO 9001 Training
Environmental-ISO 14001 Training
Information Security Management Training
Food & Beverage Industry Management Training
Occupational Health And Safety Management Training
Hey, very nice site. I came across this on Google, and I am stoked that I did. I will definately be coming back here more often. Wish I could add to the conversation and bring a bit more to the table, but am just taking in as much info as I can at the moment.
iso 9000
Post a Comment