© 2019 IsecT Limited, New Zealand      Get in touch

A 3½-page generic information security policy about the privileges needed to use and manage IT systems.


Controlling access to and use of privileged user identities (user IDs, also known as usernames, system or user accounts, and logons) is fundamental for IT systems security since most other technical system security controls can be overridden or disabled by privileged users.  This policy explains how privileges are controlled according to the information risks associated with various IT and communications systems, devices, applications etc.


Delivered as an editable MS Word document, easily customized for your organization's specific needs.

IT systems privileges security policy

  • Security policy template about IT systems privileges


    See also the security policies on:

    • Information governance
    • Information ownership
    • Information risk management
    • Information classification
    • Trust
    • Cybersecurity
    • Identification and authentication
    • Access control
    • Security architecture and design
    • IT systems development and acquisition
    • IT systems security
    • Network security
    • IT systems implementation
    • Backups and archives
    • Cloud computing
    • Internet of Things
    • Bring Your Own Device
    • Change and configuration management
    • Patching and updating software
    • Incident management
    • Business Continuity Management
    • Oversight
    • Assurance
    • Monitoring and surveillance
    • IT auditing
    • Hacking
    • Malware
    • Social engineering
    • Security awareness and training