SecAware materials

SecAware logo 150 animated ezgif.gif

3½-page generic policy on (malicious) hacking.


Malicious hacking of information systems and networks is a serious threat to information and hence to the organization and will not be tolerated.  The organization's Information Security Management System incorporates a swathe of controls against hacking.  Workers are collectively responsible for upholding the anti-hacking controls and reporting hacking incidents, near-misses and suspicions promptly ... and of course for not hacking, at least not without due authorization (e.g. pentesting).


Delivered as an editable MS Word document, readily customized for your organization's specific needs.

Hacking policy