Creating an Information Security Policy can be a daunting task.  There are many pitfalls that might prevent a policy from being an effective tool that's being used and instead lead to becoming shelfware that only meets the needs for checkbox compliance.  It is important to understand the difference between a policy, a standard and a guideline to make sure the right information is in the policy.  Below are some good starting points including templates for writing information security policies. 


Add new comment

Restricted HTML

  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.