SecAware materials

SecAware logo 150 animated ezgif.gif

~2 page information security policy template about professional services.


‘Professional services’ are information-rich services, consultancy and advice provided by professional specialists in strategy, law, finance and accounting, engineering, HR, IT etc.  Service providers and clients may work for different organisations, or for different parts of the same one. 


Given the importance, value and sensitivity of the information, professional services engagements often involve significant information risks. Since they are quite diverse, this generic policy template stops short of requiring specific controls. Instead, management must identify, evaluate and treat the information risks throughout the engagements, giving examples of typical information risks and security controls.


The policy may be implemented by professional services providers and their clients.


Delivered as an editable MS Word document, easily customized for your organization's specific needs.

Professional services policy