ISO 27001 Infor­ma­ti­on Secu­ri­ty Poli­cy Template

Description

The tem­p­la­te is fle­xi­bly cus­to­mi­sable and con­ta­ins stan­dard mar­ket spe­ci­fi­ca­ti­ons in the areas:

• Gui­de­lines for the management
• Orga­ni­sa­ti­on of infor­ma­ti­on security
• Per­son­nel security
• Manage­ment of values/assets
• Access con­trol, cryptography
• phy­si­cal and envi­ron­men­tal security
• the full chap­ter of ope­ra­tio­nal security
• com­mu­ni­ca­ti­on security
• acquisition/development/maintenance of systems
• sup­pli­er relations
• Infor­ma­ti­on secu­ri­ty inci­dent management
• Infor­ma­ti­on secu­ri­ty aspects of busi­ness con­ti­nui­ty management
• as well as the area of compliance

All are­as are pre­faced by a defi­ni­ti­on of the pri­ma­ry tar­get group respon­si­ble for imple­men­ting the requi­re­ments of that area. With this method, the infor­ma­ti­on secu­ri­ty poli­cy can be imple­men­ted in a tar­ge­ted man­ner by invol­ving the rele­vant depart­ments quick­ly and easi­ly in the com­pa­ny.

The tem­p­la­te Infor­ma­ti­on Secu­ri­ty Poli­cy accor­ding to ISO 27001 was deve­lo­ped espe­ci­al­ly for small and medi­um-sized enter­pri­ses and deli­bera­te­ly avo­ids split­ting the requi­re­ments into indi­vi­du­al docu­ments, such as a sepa­ra­te cryp­to­gra­phy poli­cy. All requi­re­ments con­cer­ning users are not included in this tem­p­la­te, but in the packa­ge tem­p­la­te user poli­cy accor­ding to ISO 27001, so com­pa­nies do not have to train their users on the cen­tral infor­ma­ti­on secu­ri­ty policy.

Lan­guage: Ger­man / English

Licence: Digi­tal tem­p­la­te in Micro­soft Office for­mat with right of use for one com­pa­ny. The tem­p­la­te may be modi­fied as desi­red. No resa­le, redis­tri­bu­ti­on or com­mer­cial use by con­sul­ting firms is permitted.