Directory IndiaPress
07 September, 2008 

 
Google
DMOZ DIRECTORY
Top: Computers: Security: Policy: Sample Policies  (80)

See also:

  • Acceptable Use Policy - Defines acceptable use of IT equipment and computing services, and the appropriate employee security measures to protect the organization's corporate resources and proprietary information. [MS Word]
  • Acquisition Assessment Policy - Defines responsibilities regarding corporate acquisitions and the minimum requirements of an acquisition assessment to be completed by the information security group. [MS Word]
  • Analog-ISDN Line Policy - Defines policy for analog-ISDN lines used for FAXing and data connections.
  • Anti+Virus Policy - Requirements for effective virus detection and prevention. Written for a laboratory environment but easy to adapt for other settings. [MS Word]
  • Application Service Provider Policy - Security criteria for an ASP. [PDF]
  • Audit Policy - Defines requirements and provides authority for the information security team to conduct IT audits and risk assessments. [PDF]
  • Backup Policy - Sample policy from the University of North Carolina requires daily, weekly and monthly backups (sometimes known as 'grandfather, father, son').
  • Backup Policy - A primer to help small businesses write their own backup policies.
  • Backup Policy - Sample policy requires a cycle of daily and weekly backups (monthly backups are also advisable).
  • Campus Security Policy - An overarching security policy from Berkeley University includes links to more specific and detailed policies.
  • Campus Security Policy - High level information security policy from Washington University.
  • Certification and Accreditation Policy - Policy template by Walt Kobus defines requirements and responsibilities for security assurance throughout the system development process. [PDF]
  • Communications Policy - Datacommunications security policy template by Walt Kobus defines network security control requirements. [PDF]
  • Cryptography Policy - Cryptographic policy template by Walt Kobus. [PDF]
  • Data Classification Policy - Policy template by Walt Kobus describes the classification of information according to sensitivity (primarily confidentiality). [PDF]
  • Database Password Policy - Defines requirements for securely storing and retrieving database usernames and passwords. [MS Word]
  • Dial+in Access Policy - Policy regarding the use of dial+in connections to corporate networks. [MS Word]
  • Disaster Recovery Policy - Basic DR policy in just over one side. [PDF]
  • Disaster Recovery Policy - Succinct DR policy from Imperial College, London.
  • DMZ Security Policy - Sample policy establishing security requirements of equipment to be deployed in the corporate De+Militarized Zone. [MS Word]
  • Electronic Communications Policy - Formal policy from the University of California covering email and other electronic communications mechanisms [PDF]
  • Email Forwarding Policy - Email must not be forwarded automatically to an external destination without prior approval from the appropriate manager. [PDF]
  • Email Policy - Northern Illinois University email policy
  • Email Retention Policy - Sample policy to help employees determine which emails should be retained and for how long.
  • Encryption Policy - Defines encryption algorithms that are suitable for use within the organization. [MS Word]
  • The ePolicy Institute - Provides policies and resources on information security and other related topics.
  • Ethics Policy - Sample policy intended to 'establish a culture of openness, trust and integrity'.
  • Extranet Policy - Defines the requirement that third party organizations requiring access to the organization's networks must sign a third+party connection agreement. [MS Word]
  • Government Security Policy - The New Zealand Government's information security policy, based on the 2000 version of ISO-IEC 17799. [ZIP file containing PDF and MS Word versions]
  • Holistic Operational Security Readiness Evaluation - Collaborative open project building a library of sample information security policies, supporting standards and other documents through a wiki.
  • HSPD+12 Privacy Policy - Sample privacy policy including Privacy Act systems of records notices, Privacy Act statements and a privacy impact assessment, designed to satisfy the requirements of HSPD+12 “Policy for a Common Identification Standard for Federal Employees and Contractors”
  • Identification and Authentication Policy - I&A policy template by Walt Kobus defines requirements for access control. [PDF]
  • Information Data Ownership Policy - Policy template by Walt Kobus defines the roles and responsibilities of owners, custodians and users of information systems. [PDF]
  • Information Security Policies - Templates for information security policies, guidelines, checklists and procedures by Walt Kobus.
  • Information Security Policies - The Information Security Toolkit from UCISA (University Colleges and Information Systems Association) contains a suite of security policy and guidance documents reflecting and cross+referenced against BS7799, intended for use in universities. [PDF documents]
  • Information Security Policies - NIST's collection of well over 100 security policies and related awareness materials, mostly from US Government bodies.
  • Information Security Policies - US Postal Service's information security policy manual. 264 pages of security controls, broadly similar in structure to ISO-IEC 27002. [PDF]
  • Information Security Policies - An extensive collection of information security policy samples at SecurityDocs.
  • Information Security Policies - 111+page security policy manual from the Australian New South Wales Department of Commerce, based on ISO-IEC 27001. [PDF]
  • Information Security Policies - Set of acceptable use and technical policies from the University of Auckland covering common information security issues.
  • Information Security Policies - SANS consensus research project offering around 30 editable information security policies.
  • Information Security Policy - An information security policy from the University of Illinois.
  • Information Security Policy - High+level information security policy statement for the Childhood Cancer Research Group at Oxford University.
  • Information Sensitivity Policy - Sample policy defining the assignment of sensitivity levels to information. [PDF]
  • Internet Acceptable Use Policy - One page Acceptable Use Policy example. [PDF]
  • Internet DMZ Equipment Policy - Sample policy defining the minimum requirement for all equipment located outside the corporate firewall. [PDF]
  • IP Network Security Policy - Example security policy to demonstrate policy writing techniques introduced in three earlier articles.
  • ISO-IEC 27001 Policies - Typical headings for a security policy aligned broadly with the ISO-IEC 27002 standard for information security management systems.
  • ISO27k Toolkit - Collection of information security policies, procedures etc. aligned with the ISO-IEC 27000+series standards and provided under the Creative Commons license. [PDF]
  • IT Security Policy - Information technology security policy at Murdoch University, complete wth supporting standards and guidelines.
  • IT Security Policy - IT security policy example-how+to guide from Enterprise Ireland.
  • K+20 Network Acceptable Use Policy - Policy on acceptable use of a school network, along with information for parents and an informed consent form. Developed in Washington State.
  • Laboratory Security Policy - Policy to secure confidential information and technologies in the labs and protect production services and the rest of the organization from lab activities. [MS Word]
  • Law Enforcement Data Security Standards - IT security policy applicable to the Victoria Police in Australia. 93 pages based on ISO-IEC 27002 and related standards. [PDF]
  • Modem Policy - Sample policy from Sandstorm, designed as an addition to an existing Remote Access Policy, if one exists, or simply to stand alone.
  • Network Security Policy - Example security policy for a data network from the University of Toronto.
  • Network Security Policy Guide - Watchguard's guide to creating an overarching network information security policy, supported by subsidiary policies. [PDF]
  • Password Policy - A password policy presented in the form of a series of security awareness posters. "Passwords are like underwear ..." [PDF]
  • Password Policy - Defines standards for creating, protecting and changing strong passwords. [MS Word]
  • Personnel Security Policy - Example policy covering pre+employment screening, security policy training etc. [PDF]
  • Physical Security Policy - Policy template by Walt Kobus defines requirements for physical access control to sensitive facilities and use of ID badges. [PDF]
  • Privacy Policy - Generic policy for websites offering goods and services, with an important warning to seek qualified legal advice in this area.
  • Privacy Policy - Concise policy (just 3 paragraphs) published by the School of Graduate Studies at Norwich University.
  • Remote Access Policy - Defines standards for connecting to a corporate network from any host. [MS Word]
  • Resource Utilization Policy - Poilicy template by Walt Kobus defines requirements for resilience, redundancy and fault tolerance in information systems. [PDF]
  • Risk Assessment Policy - Defines requirements and authorizes the information security team to identify, assess and remediate risks to the organization's information infrastructure. [MS Word]
  • Router Security Policy - Sample policy establishing the minimum security requirements for all routers and switches connecting to production networks. [MS Word]
  • Security Audit Policy - Audit policy template by Walt Kobus. [PDF]
  • Security Management Policy - General information security policy template by Walt Kobus. [PDF]
  • Security Policy Primer - General advice for those new to writing information security policies. [PDF]
  • Server Security Policy - Defines standards for minimal security configuration for servers inside the organization's production network, or used in a production capacity. [PDF]
  • Standard Practice Guide - Policy covering appropriate use of information resources and IT at the University of Michigan. [PDF]
  • Telecommuting-Teleworking Policy - Sample policy on teleworking covering employment as well as information security issues.
  • Third Party Connection Agreement - Sample agreement for establishing a connection to an external party. [PDF]
  • University Information Security Policies - Electronic resource usage and security policies from the University of Pennsylvania.
  • University Information Security Policies - A set of information security policies from the University of Louisville.
  • Use of Electronic Mail - Policy from the University of Colorado on the use of, access to, and disclosure of electronic mail.
  • User Data Protection Policy - Policy template by Walt Kobus defines requirements for access controls, least privilege, integrity etc. to secure personal data. [PDF]
  • Virtual Private Network Policy - Defines the requirements for Remote Access IPSec or L2TP Virtual Private Network (VPN) connections to the organization's network. [PDF]
  • Wireless Communication Policy - Sample policy concerning the use of unsecured wireless communications technology. [PDF]
Help build the largest human-edited directory on the web.
Submit a Site - Open Directory Project - Become an Editor
 

Our Other Sites IndiaPress.org World Newspapers Vedic Astrology Horoscope Office Supplies Hindi Keyboard IndianAge.com