There are three main parts to the policy. First, the introduction to the policy puts the document in context, provides for key contact information and identifies the role of employees and and contractors. Second, the policy sets out some specific cyber security requirements which all personnel should adhere to. These incldue requirements relating to passwords, the circumvention of security measures, reporting security breaches, use of non-company devices for connecting to company systems, software installation and risky internet behaviour. Third, the policy identifies the types of action which will constitute system misuse – which may constitute a disciplinary issue.
It should be stressed that this simple policy is not suitable for more complex organisations.
Alternative cyber security policies
We supply a range of cyber security documents on our ecommerce websites, website-contracts.co.uk and Docular.
|Title||Description||Get the document on…|
|End user cyber security policy||A selection of end user policies, for both employees and contractors.|
|Supply chain cyber security policy||A policy to regulate supplier security, intended to form part of a contract.|