SecAware materials

SecAware logo 150 animated ezgif.gif

A 3½-page generic information security policy concerning the development or acquisition of IT systems.


The IT systems development and acquisition processes must be managed to ensure that systems developed in house or acquired from third parties incorporate suitable information security controls to mitigate unacceptable information risks.  Valuable information assets associated with the development and acquisition process must also be protected.


Delivered as an editable MS Word document, easily customized for your organization's specific needs.

IT systems development & acquisition security policy