A 4- page generic information security policy concerning third-party IT support and maintenance services.
Giving your IT system, information services, software and other suppliers, support and maintenance people unfettered access to your IT systems and data is risky, potentially even reckless, without the right controls in place. The information risks should be identified, assessed and treated accordingly.
Note: now is a good time to do this. Don't look back after an incident, wishing you had dealt with it earlier!
Delivered as an editable MS Word document, easily customized for your organization's specific needs.
Third party IT support & maintenance security policy
Model security policy on 3rd party IT services