(Go: >> BACK << -|- >> HOME <<)

Template

Security Tools, Templates, Policies

Sample policies with expert commentary; templates and checklists for security, business continuity, risk assessment and more.

April 01, 2009CSO — CSOonline's Security Tools, Templates & Policies page provides sample documents contributed by the security community. Feel free to use or adapt them for your own organization.*

Want to provide a policy or checklist? Contributions are welcome, as is expert commentary on any of the articles here. We will add materials on an ongoing basis. Send your thoughts to Senior Editor Joan Goodchild at jgoodchild@cxo.com.

*Though not for re-publication or for-profit use.

Sample Policies - Computers and Internet

Computer and E-Mail Acceptable Use Policy
Manufacturing company, <50 employees

Internet Acceptable Use Policy
Manufacturing company, <50 employees

Sample Policies - Physical Security and Emergency Management

Clean Desk Policy
Service company, 2000 employees

Cell Phone Use While Driving Policy
Company has many employees who travel frequently

Concealed Weapon Policy
Hospital, 10,000 employees. Makes allowance for security personnel.

Sample Policies - Privacy

Personnel Access/Changes Policy
Large, private university

Other Security Tools and Worksheets

Comparison of two actual data breach disclosure letters
Links to actual letters; includes expert commentary

Sample diagnostic questions for finding information security weaknesses
Book excerpt

Risk assessment questions for loading docks in multitenant buildings

Risk assessment questions for call centers

Risk assessment tool for use of USB drives

Three sample scenarios for tabletop exercises
Covering digital and physical business interruptions and threats

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Security Virtual Conference
Presented by CIO, CSO, and Networkworld

Security VC Attend this free, 100% online event on demand. Hear from experts on managing compliance mandates, insider threats, and much more.

» Learn more and register here

WEBCAST
How Cybercrime Has Changed

Trend Micro Trend Micro's Lab is analyzing 800 malware threats per hour! The bad guys are more sophisticated and have gone from nuisance crimes to attacks that make them rich. In this Webcast, hear about the latest cybercrime tactics and best practices to stay one step ahead.

» View the webcast

Featured Sponsors
Sponsored Links

Now is the Time to Protect Your Critical Information Assets

2009 Gartner Magic Quadrant for Static Application Security Testing

Achieving Software Security with Wipro Security Assurance Center Services

CISO's Guide To Creating and Managing the Secure Development Lifecycle (SDLC)

CISO's Guide to Securing Open Source Software

CISO's Guide to Web 2.0 Security

The Shortcut Guide to Prioritizing Security Spending-Chapter One-Optimizing Business Driven Security

Demand more network value--41% more. Read Forrester study at juniper.net/save

Protecting What Matters: The 6th Annual Global Security Survey

Preventing Enterprise Data Loss: White Paper Reveals Best Practices

Quantify your risk of data loss. Download Lumension's Device Scanner

Understanding Data Location is Imperative for Data Loss Prevention

10Minutes on Data & Identity Theft

How Are Open Source Development Communities Embracing Security Best Practices?

Advancing Software Security Assurance in the Enterprise

Service Management Simulator: An engaging path to business success

CISO's Guide to Commercial Off-The-Shelf Software (COTS)

CISO's Guide to Outsourcing

CISO's Guide to Application Security

The Visibility. Control. Automation(tm) Service Management Needs Assessment

Get Sophisticated About Your Web Application Security

Read RSA's DTCC Customer Case Study: Proactive Security Monitoring

New Insider Threat Emerges in the New Economy

File Integrity Monitoring: Prove compliance and secure your IT environments

Focus on risk and compliance will follow: Meeting the challenges of PCI DSS