~3-page information security policy template on (malicious) hacking.
Malicious hacking of our information systems and networks is a serious threat to our information and hence to the business and will not be tolerated. The organization uses numerous information security controls against hacking. Workers are expressly forbidden from malicious hacking, or bypassing, harming or disabling the anti-hacking controls, and are required to report hacking incidents, near misses and suspicions promptly.
[Benign hacking in the form of authorised penetration or vulnerability tests is permitted with appropriate controls.]
Delivered as an editable MS Word document, readily customized for your organization's specific needs.
Information security policy template on hacking
See also the policies on:
- Information risk management
- Social engineering
- Identification and authentication
- Physical security
- Access control
- Incident reporting
- Incident management
- IT systems development and acquisition
- IT systems implementation
- Database security
- Network security
- Monitoring and surveillance
- Audit and security logs
- Digital forensics
- Penetration testing