INFORMATION SECURITY POLICIES MADE EASY VERSION 14 NOW AVAILABLE!

The new Version 14 of Information Security Policies Made Easy, written by security policy expert Charles Cresson Wood, includes over 1500 sample information security policies covering all ISO 27002 information security domains. Take the work out of writing security policies.

CLICK HERE TO PURCHASE NOW!

Information Security Policies Made Easy has everything you need to build a robust security policy program, including:

Thirty-eight (38) essential sample information security policy documents:

Complete 1500+ information security policy statement library

Expert information security policy development advice and tools

Comprehensive Information Security Policy Coverage

Information Security Policies Made Easy covers over 200 essential information security topics including:

What’s new in ISPME V14?

Information Security Policies Made Easy, Version 14 contains these updates:

Security Policy Library Update for the Common Policy Library (CPL)

Over 60 information security policies have been added to the Common Policy Library (CPL). Areas of focus for this update include Privileged Account Management, Third Party Security and Data Privacy Governance for the General Data Protection Regulation (GDPR).

Updated Security Policy Mappings

Version 14 contains updated mappings between the ISPME policy documents and leading regulatory frameworks. Among the updated mappings are NIST 800-53 Revision 5 and US Cyber Security Framework Version 1.1. Mappings include:

  1. ISO 27002:2013
  2. NIST 800-53 Revision 5
  3. PCI-DSS 3.2
  4. US Cyber Security Framework V 1.1
  5. HIPAA/HiTECH
  6. FFIEC (Financial Services)
  7. New York DFS

39 Updated “Ready-to-Go” Sample Security Policy Templates

Version 14 now contains 39 complete, pre-written sample security policy documents in MS-Word format. Twenty 20 new policy documents have been added including:

  1. High-Level Information Security Policy
  2. IT Risk Management Security Policy
  3. Information Security Program Policy
  4. Information Security Organization Policy
  5. Audit and Compliance Assessment Policy
  6. Asset Management Policy
  7. Acceptable Use of Assets Policy
  8. Acceptable Use of Social Networking Policy
  9. Cloud Computing Security Policy
  10. Mobile Computing Security Policy
  11. Remote Working (Telecommuting) Security Policy
  12. Personally Owned Devices (BYOD) Security Policy
  13. Information Classification Policy
  14. Information Exchange Policy
  15. Information Storage and Retention Policy
  16. Information and Media Disposal Policy
  17. Third Party Security Management Policy
  18. Personnel Security Management Policy
  19. Security Awareness and Training Policy
  20. Access Control Security Policy
  21. Account and Privilege Management Policy
  22. Remote Access Security Policy
  23. Network Security Management Policy
  24. Firewall Security Policy
  25. Wireless Network Security Policy
  26. Physical Access Security Policy *
  27. Data Center Security Policy *
  28. IT Operations Security Policy *
  29. System Configuration Management Policy
  30. Change Management Policy
  31. Malicious Software Management Policy
  32. Encryption and Key Management Policy
  33. Application Development Security Policy
  34. Security Incident Response Policy
  35. Data Breach Response Policy
  36. Backup and Recovery Policy
  37. IT Business Continuity Policy
  38. Log Management and Monitoring Policy
  39. Customer Data Privacy Policy
  40. Data Privacy Management Policy *

Additional New Compliance Documents

Version 14 has dramatically expanded additional documents to enable security policy governance and compliance management. We have added a formal “Information Security Governance Framework” and supported templates with policies, standards and procedures.

00 Security Policy Development Project Plan

  1. Information Security Management Statement (External)
  2. Information Security Policy Compliance Agreement
  3. Policy Exception Procedure / Risk Acceptance Form * Updated
  4. Information Security Governance Framework * New
  5. Security Policy Template * Updated
  6. Security Standard Template * New
  7. Security Procedure Template * New
  8. Information Handling Standard * New
  9. Employment Termination Procedure * Updated
  10. Change Management Procedure * New
  11. Security Incident Response Procedure * New
  12. Security Incident Reporting Form
  13. Identity Token Responsibility Statement
  14. Two-Page Non-Disclosure Agreement
  15. Network Harmonization Standard * Updated
  16. Information Security Policy Glossary * Updated

60+ New Information Security Policies

Version 14 contains 60+ additional pre-written information security policy statements with expert commentary covering the latest security threats and technologies, including: