3-page information security policy on access control.
 
Whereas access to information should be restricted where necessary, access by workers should be permitted by default unless there are legitimate reasons to restrict it.
 
Delivered as an editable MS Word document, easily customized for your organization's specific needs.