SecAware materials

SecAware logo 150 animated ezgif.gif

3½-page generic policy on the management of information risk.


The goal of information risk management is to optimize the organization’s information risk level in a cost-effective manner.  While it is neither sensible nor feasible to eliminate information risks completely, unacceptable information risks need to be identified and treated appropriately and systematically using the risk management approach described in this policy.


Delivered as an editable MS Word document, easily customized for your organization's specific needs.

Information risk management policy