Policies
Governance Resources
Embedded Files
Best Practice Policies - Select the link to learn more review resources.
Best Practice Policies - Select the link to learn more review resources.
Acceptable Use Policy: Defines acceptable and prohibited uses of information systems and resources.
Access Control Policy: Manages who has access to information systems and data, and what level of access they have.
Data Encryption Policy: Mandates encryption of sensitive data in the cloud [[general best practice]].
Data Security Policy: Protects the confidentiality, integrity, and availability of sensitive data.
Incident Response Policy: Outlines how to respond to cybersecurity incidents, including detection, containment, recovery, and reporting.
Information Security Policy: Outlines the organization's overall approach to cybersecurity.
Mobile Device Security Policy: Addresses the security risks associated with mobile devices .
Password Policy: Sets requirements for strong passwords and secure password management.
Remote Access Policy: Secures access to cloud resources from remote locations [[general best practice]].
Risk Management Policy: Outlines the process for identifying, assessing, and mitigating cybersecurity risks.
Security Awareness and Training Policy: Promotes cybersecurity awareness and training for all employees.
Telework Security Policy: Protects information assets when employees work remotely.
Vendor Security Policy: Manages the security risks associated with third-party vendors.
CIS Governance
CIS Governance
CIS Controls: A prioritized set of actions to protect organizations against known cyber-attacks.
CIS Benchmarks: Security configuration guidelines for specific technologies and platforms.
Cloud-Related Policies
Cloud-Related Policies
Access Control Policy for Cloud Systems: Manages access to cloud resources and data.
Cloud Security Policy: Outlines security measures for cloud infrastructure, applications, and data.
Cloud Data Security Policy: Protects sensitive data in the cloud [[general best practice]].
Cloud Incident Response Policy: Guides response to cloud-related security incidents [[general best practice]].
Cloud Vendor Security Policy: Manages security risks associated with cloud vendors [[general best practice]].
Page updated
Google Sites
Report abuse