SecAware materials

SecAware logo 150 animated ezgif.gif

4-page information security policy on business relationships - more specifically, this concerns managing the risks associated with transferring or exchanging information with business partners and other third parties.


Information risk must be taken into account when exchanging information with third parties in either or both directions.  The risk must be assessed and treated e.g. mitigated using suitable information security controls.  Baseline information security controls may be sufficient to protect exchanges of general, relatively inconsequential information (such as many emails), perhaps even for small amounts of more significant information, but stronger security controls are generally appropriate for the routine exchange of particularly valuable and/or sensitive information.


Delivered as an editable MS Word document, easily customized for your organization's specific needs.

Business relationship security policy