SecAware materials

SecAware logo 150 animated ezgif.gif

A comprehensive, coherent suite of information security policy templates, comprising:

  • The overarching corporate information security policy - a high-level management perspective on information risk and security based on ISO/IEC 27001, supported by ...
  • The topic-based policies - a mesh of policies covering a deliberately wide variety of information security, risk, privacy and related matters (76 of them!);
  • A cross-reference matrix showing relationships between the topic-based policies (spreadsheet);
  • The Acceptable Use Policies - a set of 8 less formal, more accessible guidance materials aimed at general employees, using examples to contrast acceptable against unacceptable activities;
  • An executive briefing explaining the purpose of Acceptable Use Policies and Codes of Conduct.


The entire suite was conceived, written and maintained by a single professional. It has evolved over decades, gradually expanding in scope and changing in line with developments in the field.


The policies:

  • Comprise the top two layers of the classical 'policy pyramid' shown;
  • Specify typical control objectives and good practice controls, inspired by ISO27k and other standards;
  • Share the same structure, layout, format and writing styles, using MS Word styles consistently;
  • Are essentially 'camera-ready' aside from any amendments required for the organisation;
  • Form an interlocking mesh: they are designed to work together, supporting each other.


Review and consider the templates carefully, adapting them where appropriate to suit your organisation's unique needs (e.g. your compliance obligations, risks and controls) and situation (e.g. to align with policies in related areas such as risk, IT and HR). 

SecAware policy suite (package deal)

$1,720.00 Regular Price
$430.00Sale Price
  • A full suite of Information security policy templates on a wide range of topics