3-page information security policy template on restricting and permitting access to controlled information.
Whereas access to information should be restricted where necessary, access by workers should be permitted by default unless there are legitimate reasons to restrict it.
Supplied as an MS Word document, readily customised for your organisation's specific situation.
Access control policy
Information security policy template on access control
See also the policies on: