© 2019 IsecT Limited, New Zealand      Get in touch

A 5-page generic information security policy concerning malware (malicious software - viruses, Trojans, spyware, ransomware, rootkits etc.).


Malware is a serious threat to the organization, therefore effective malware controls are essential.  Where technically feasible, approved antivirus software must run continuously on all relevant devices, and be updated frequently.  Further technical and procedural controls are necessary to address malware risks, including effective incident response, backups and other business continuity and contingency arrangements in case of serious incidents.


Delivered as an editable MS Word document, easily customized for your organization's specific needs.

Malware policy

  • Security policy template on malware


    See also the security policies on:

    • Cybersecurity
    • Network security
    • IT system security
    • Access control
    • Information integrity
    • Monitoring and surveillance
    • BYOD Bring Your Own Device
    • Incident reporting
    • Incident management
    • BCM Business Continuity Management
    • Backups and archives


  • April 2019