SecAware materials

SecAware logo 150 animated ezgif.gif

~4-page information security policy template on complliance.


Given the potential impacts of non-compliance with obligations imposed by information security-related policies, laws, regulations, standards, contracts, agreements etc., this policy specifies a three-pronged approach:

  • Proactively monitor and assess applicable information security and privacy-related obligations imposed by laws, regulations, standards, contracts etc.;
  • Fulfill obligations to protect information assets through compliance and enforcement actions as appropriate; and
  • Insist that third-parties comply with their obligations to protect information assets that are disclosed or provided to them, through further compliance and enforcement actions.


Compliance enforcement and reinforcement are complementary approaches: as well as penalising non-compliance, how about encouraging and rewarding compliance?  Carrot and stick!


Delivered as an editable MS Word document, easily customized for your organization's specific needs.

Compliance policy