SecAware materials

SecAware logo 150 animated ezgif.gif

~4-page information security policy template concerning third-party IT support, maintenance and related services.


IT support professionals, contractors, consultants and outsourcers employed by third-parties but working on behalf of the organisation are subject to the same information security and privacy obligations as its employees.  There are additional obligations due to the commercial relationships.


Giving IT system, information services, software and other suppliers, support and maintenance people unfettered access to the organisation's IT systems and data is risky, potentially even reckless, without the appropriate information security controls in place. 


Note: now is a good time to do this.  Don't look back after an incident, wishing you had dealt with it earlier!


[The policy could be extended to cover other professional services besides IT support (such as accountancy and legal specialists, strategy and information security consultants), with similar information risks and security controls.]


Delivered as an editable MS Word document, easily customized for your organization's specific needs.

Third party IT support security policy