Written IT Policies

dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
in Off-Topic
I'm putting together a general security policy along with an acceptable use policy. I was curious what, if any, other policies I should look at implementing.

TIA.
· Share on FacebookShare on Twitter

Comments

  • cacharocacharo Member Posts: 361
    Privacy?, Escalation (if applicable), Business Conduct (may not be your responsibility)
    Treat people as if they were what they ought to be, and you help them become what they are capable of being.
    · Share on FacebookShare on Twitter
  • tierstentiersten Member Posts: 4,505
    Data protection

    Privacy

    Data retention

    SLAs

    Change control

    User privileges/access
    · Share on FacebookShare on Twitter
  • snadamsnadam Member Posts: 2,234 ■■■■□□□□□□
    While they pretty much named the basics, have you seen this place?

    http://www.sans.org/resources/policies/

    I used this for my policy templates. The SANS institute is a Great place for IT policy resources, or at least I think it is.
    **** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine

    :study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
    · Share on FacebookShare on Twitter
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    snadam wrote:
    While they pretty much named the basics, have you seen this place?

    http://www.sans.org/resources/policies/

    I used this for my policy templates. The SANS institute is a Great place for IT policy resources, or at least I think it is.

    For sure. Somehow I missed the huge list of all the other ones. I only had their security policy.

    Thanks for the suggestions everyone. For a follow-up question, I'd like to ask which ones of those do you actually use? Or did you lump a lot of those together in a broad security policy?
    · Share on FacebookShare on Twitter
  • snadamsnadam Member Posts: 2,234 ■■■■□□□□□□
    dynamik wrote:
    snadam wrote:
    While they pretty much named the basics, have you seen this place?

    http://www.sans.org/resources/policies/

    I used this for my policy templates. The SANS institute is a Great place for IT policy resources, or at least I think it is.

    For sure. Somehow I missed the huge list of all the other ones. I only had their security policy.

    Thanks for the suggestions everyone. For a follow-up question, I'd like to ask which ones of those do you actually use? Or did you lump a lot of those together in a broad security policy?

    the latter, smaller company needed something, but nothing extremely specific.
    **** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine

    :study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
    · Share on FacebookShare on Twitter
Sign In or Register to comment.