|
|
|
|
Home / Computers / Security / Policy / Sample Policies
|
|
|
|
Web Sites
|
- Acceptable Encryption Policy -
www.sans.org/newlook/resources/policies/Acceptable_Encryption_Policy.pdf
- Acceptable Use Policy - This document establishes policies, assigns responsibilities, and prescribes standards and procedures for the management and use of an Automated Information System security program for the District Office.
www.sans.org/infosecFAQ/policy/use_policy.htm
- Acceptable Use Policy (pdf) - Defines acceptable use of equipment and computing services, and the appropriate employee security measures to protect the organizations corporate resources and proprietary information.
www.sans.org/newlook/resources/policies/Acceptable_Use_Policy.pdf
- Acceptable Use Policy Document - A sample acceptable use policy covering many areas of corporate IT infrastructure.
www.sans.org/infosecFAQ/policy/accept_use.htm
- Acquisition Assessment Policy - Sample policy establishing the role of IT Security in assessing the risk to information systems as a result of corporate acquisitions.
www.sans.org/newlook/resources/policies/Aquisition_Assessment_Policy.pdf
- Analog Line Policy - Sample policy for the approval and acceptable use of analog and ISDN lines for the purpose of faxing and establishing connections to computer systems.
www.sans.org/newlook/resources/policies/Analog_Line_Policy.pdf
- Anti-Virus Guidelines -
www.sans.org/newlook/resources/policies/Anti-virus_Guidelines.pdf
- Application Service Provider Policy - This sample policy provides guidelines for controlling the use of application service providers (ASP's).
www.sans.org/newlook/resources/policies/Application_Service_Providers.pdf
- Application Service Provider Standards - Sample set of minimum security standards that an application service provider must meet to be considered for use by a corporation.
www.sans.org/newlook/resources/policies/asp_standards.pdf
- Audit Policy - Sample policy which give members of IT Security the authority to conduct security audits on corporate information systems.
www.sans.org/newlook/resources/policies/Audit_Policy.pdf
- Database Password Policy -
www.sans.org/newlook/resources/policies/DB_Credentials_Policy.pdf
- Dial-in Access Policy - Sample policy controlling the use of dial-in connection to corporate networks.
www.sans.org/newlook/resources/policies/Dial-in_Access_Policy.pdf
- DMZ Lab Security Policy - Sample policy establishing the minimum security requirements of any equipment to be deployed in the corporate DMZ.
www.sans.org/newlook/resources/policies/DMZ_Lab_Security_Policy.pdf
- Email Forwarding Policy - Sample policy for controlling the use of automatic forwarding functions of email systems.
www.sans.org/newlook/resources/policies/Automatically_Forwarded_Email_Policy.pdf
- Extranet Policy -
www.sans.org/newlook/resources/policies/Extranet_Policy.pdf
- Hennepin County E-mail Policy - The Hennepin County Electronic Mail System (e-mail) is designed to facilitate County business communication among employees and other business associates for messages or memoranda. Since no computer system is completely secure, the e-mail system is not intended to transmit sensitive materials, such as personnel decisions and other similar information which may be more appropriately communicated by written memorandum or personal conversation.
www.co.hennepin.mn.us/wemail.html
- Information Sensitivity Policy - Sample policy to assist users to assign sensitity levels to information they own.
www.sans.org/newlook/resources/policies/Information_Sensitivity_Policy.pdf
- Internal Lab Security Policy -
www.sans.org/newlook/resources/policies/Internal_Lab%20Security_Policy.pdf
- Internet DMZ Equipment Policy - Sample policy defining the minimum requirement for all equipment located outside the corporate firewall.
www.sans.org/newlook/resources/policies/Internet_DMZ_Equipment_Policy.pdf
- Lab Anti-Virus Policy -
www.sans.org/newlook/resources/policies/Lab_Anti-Virus_Policy.pdf
- Password Policy -
www.sans.org/newlook/resources/policies/Password_Policy.pdf
- Remote Access Policy - The purpose of this policy is to define standards for connecting to a corporate network from any host.
www.sans.org/newlook/resources/policies/Remote_Access_Policy.pdf
- Risk Assessment Policy -
www.sans.org/newlook/resources/policies/Risk_Assessment_Policy.pdf
- Router Security Policy - Sample policy establishing the minimum security requirements for all routers and switches connecting to production networks.
www.sans.org/newlook/resources/policies/Router_Security_Policy.pdf
- Server Security Policy -
www.sans.org/newlook/resources/policies/Server_Security_Policy.pdf
- Third Party Connection Agreement - Sample agreement for establishing a connection to an external party.
www.sans.org/newlook/resources/policies/Third_Party_Agreement.pdf
- University of Colorado Email Policy - This administrative policy statement sets forth the University's policy with regard to use of, access to, and disclosure of electronic mail to assist in ensuring that the University's resources serve those purposes.
www.cusys.edu/~policies/General/email.html
- Virtual Private Network Policy -
www.sans.org/newlook/resources/policies/Virtual_Private_Network.pdf
- Wireless Communication Policy - Sample policy controlling the use of unsecured wireless communications technology.
www.sans.org/newlook/resources/policies/Wireless_Communication_Policy.pdf
|
|
|
|
|