SecAware materials

A 5½-page overarching information security policy based on ISO/IEC 27001.

 

This is the peak of the classical policy pyramid, a high-level policy mandated by senior management which sets the scene and bolsters all the remaining information security policies and related materials.

 

We have used ISO/IEC 27001:2013 as the basis for this policy, including the Information Security Management System concept and a set of 'axioms' (generic policy statements) derived primarily from the control objectives identified in Annex A of the standard.  These are elaborated-on in ISO/IEC 27002:2013 and other good practice sources, forming a sound foundation for a number of information security policies, procedures and guidelines.

 

Delivered as an editable MS Word document, easily customized for your organization's specific needs.

Corporate information security policy

$15.00Price
  • A high-level overarching information security policy template.

     

    See also the full range of supporting policies in the policy suite that expand on specific risk and control elements.

© 2020 IsecT Limited     Get in touch