Written IT Policies

dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
I'm putting together a general security policy along with an acceptable use policy. I was curious what, if any, other policies I should look at implementing.

TIA.

Comments

  • cacharocacharo Member Posts: 361
    Privacy?, Escalation (if applicable), Business Conduct (may not be your responsibility)
    Treat people as if they were what they ought to be, and you help them become what they are capable of being.
  • tierstentiersten Member Posts: 4,505
    Data protection

    Privacy

    Data retention

    SLAs

    Change control

    User privileges/access
  • snadamsnadam Member Posts: 2,234 ■■■■□□□□□□
    While they pretty much named the basics, have you seen this place?

    http://www.sans.org/resources/policies/

    I used this for my policy templates. The SANS institute is a Great place for IT policy resources, or at least I think it is.
    **** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine

    :study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    snadam wrote:
    While they pretty much named the basics, have you seen this place?

    http://www.sans.org/resources/policies/

    I used this for my policy templates. The SANS institute is a Great place for IT policy resources, or at least I think it is.

    For sure. Somehow I missed the huge list of all the other ones. I only had their security policy.

    Thanks for the suggestions everyone. For a follow-up question, I'd like to ask which ones of those do you actually use? Or did you lump a lot of those together in a broad security policy?
  • snadamsnadam Member Posts: 2,234 ■■■■□□□□□□
    dynamik wrote:
    snadam wrote:
    While they pretty much named the basics, have you seen this place?

    http://www.sans.org/resources/policies/

    I used this for my policy templates. The SANS institute is a Great place for IT policy resources, or at least I think it is.

    For sure. Somehow I missed the huge list of all the other ones. I only had their security policy.

    Thanks for the suggestions everyone. For a follow-up question, I'd like to ask which ones of those do you actually use? Or did you lump a lot of those together in a broad security policy?

    the latter, smaller company needed something, but nothing extremely specific.
    **** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine

    :study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
Sign In or Register to comment.