General discussion


Security Policies

By egibson ·
My company is approaching an audit, and due to lack of resources over the last 2 years some of the documentation has failed to be completed, such as security policies. Does anyone have a security policy template that would be a good starting point for me so I do not have to recreate the wheel? Any help would be appreciated.

Thanks in advance,


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Same Problem

by mm-tweed In reply to Security Policies

I am busy with the same issue - except it is for a new group of companies. One can use expereince only and some background word - but the time !!

Will also preciatesame help - even if it is suggested lay-out and topics covered.


Collapse -

Re: Security Policies

by ikaufman In reply to Security Policies

I would check out the website of a major university. Usually they have links to Acceptable Use and General Use policies.
Also, check out Practical UNIX and Internet Security (published by O'Reilly). It has some good resources for implementing policies.


Collapse -

Gov. Source

by kg70 In reply to Try this site

Try searching for information about HIPAA's new proposed rule for Security and Electronic Signatures. This will give you a good base.

I have been researching this topic also. The British have a formal government document that has been useful.
The problem with security policies is that they can be used to help fingerprint your system, which is the first thing any hacker will do. Please keep this in mind when writing and posting your policies.

Good luck!

Related Discussions

Related Forums