Information Security: Principles and Practices, Second Edition

Appendix C. Sample Policies

This appendix provides real-world examples of security policies you’re likely to find in use in a typical security programme (see Chapter 4, “Governance and Risk Management”). These standards illustrate the types of security documentation you can find at the SANS Security Policy Project; boilerplate documentation is available there, to reduce the need to reinvent the wheel each time a new policy is required. You can find the Security Policy Project at www.sans.org/resources/policies/.

Sample Computer Acceptable Use Policy

1.0.0 Acceptable Use Policy

1.1.0 Overview

<Company Name Here>’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to <Company Name Here>’s established ...

Get Information Security: Principles and Practices, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Information Security: Principles and Practices, Second Edition by Mark S. Merkow, Jim Breithaupt

Appendix C. Sample Policies

Sample Computer Acceptable Use Policy

1.0.0 Acceptable Use Policy

1.1.0 Overview

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly