SecAware materials

SecAware logo

~4-page information security policy template on cryptography.


The policy lays out general requirements relating to cryptographic controls such as encryption and digital signatures, where these are needed to minimise unacceptable information risks that cannot be adequately mitigated through other means or are required for compliance reasons.


Organisation-specific details such as algorithms, key lengths, key management and a Certificate Practice Statement could be added to the policy or referenced in supporting materials.


Supplied as an MS Word document, readily customised for your organisation's specific situation.

Cryptography policy