Sample Security Awareness Policy:: Difference between revisions
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
== | ==Sample Security Awareness Standard== | ||
This Security Awareness Standard defines Company objectives for establishing a formal Security Awareness Program, and specific standards for the education and communication of the [[Sample Information Security Program Charter:|'''Information Security Program Charter''']]. and associated policies, standards, guidelines, and procedures. | |||
==Objectives== | |||
The Company [[Sample Information Security Program Charter:|'''Information Security Program Charter''']] and relevant policies, standards and guidelines must be properly communicated to Company corporate and business unit management. Specific instructions and requirements for providing security awareness education and training for Company management are provided in the [[Sample Management Awareness Standard:|'''Management Awareness Standard''']].<br> | |||
<br> | <br> | ||
The Company [[Sample Information Security Program Charter:|'''Information Security Program Charter''']] and relevant policies, standards, and guidelines must be properly communicated to and understood by all newly hired Company employees. Newly hired Company employees must be provided with the appropriate security awareness education and training. Specific instructions and requirements for providing security awareness education and training for new Company employees are provided in the [[Sample New Hire Security Awareness Standard:|'''New Hire Security Awareness Standard''']].<br> | |||
<br> | <br> | ||
The Company [[Sample Information Security Program Charter:|'''Information Security Program Charter''']] and relevant policies, standards, and guidelines must be properly communicated to and understood by all contractors, partners and consultants. Specific instructions and requirements for providing security awareness education and training for contractors, partners, and consultants are provided in the [[Sample Third Party Security Awareness Standard:|'''Third Party Security Awareness Standard''']].<br> | |||
<br> | <br> | ||
All Company employees will be provided with recurring and ongoing education and training to ensure continued awareness, and address emerging risks or topics of interest. Specific instructions and requirements for providing security awareness education and training for Company employees are provided in the [[Sample Ongoing Security Awareness Standard:|'''Sample Ongoing Security Awareness Standard''']].<br> | |||
| | |||
<br> | <br> | ||
All Company employees will be provided appropriate access to the [[Sample Information Security Program Charter:|'''Information Security Program Charter''']] and relevant policies, standards, and guidelines. Specific instructions are provided in the Security Awareness Standard.<br> | |||
<br> | <br> | ||
==Document Examples== | |||
Use these samples as a guide for your policy development. Fully customizable versions are available from [http://policy-machine.com The Policy Machine].<br> | |||
== | |||
The | |||
<br> | <br> | ||
<gallery> | |||
Image:Security Awareness Standard.png|Security Awareness Standard page one of five. | |||
Image:Security Awareness Standard(1).png|Security Awareness Standard page two of five. | |||
Image:Security Awareness Standard(2).png|Security Awareness Standard page three of five. | |||
Image:Security Awareness Standard(3).png|Security Awareness Standard page four of five. | |||
Image:Security Awareness Standard(4).png|Security Awareness Standard page five of five | |||
</gallery> | |||
[[File:Security Awareness Standard.png]] | |||
[[File:Security Awareness Standard(1).png]] | |||
[[File:Security Awareness Standard(2).png]] | |||
[[File:Security Awareness Standard(3).png]] | |||
[[File:Security Awareness Standard(4).png]] | |||
Revision as of 19:32, 14 January 2014
Sample Security Awareness Standard
This Security Awareness Standard defines Company objectives for establishing a formal Security Awareness Program, and specific standards for the education and communication of the Information Security Program Charter. and associated policies, standards, guidelines, and procedures.
Objectives
The Company Information Security Program Charter and relevant policies, standards and guidelines must be properly communicated to Company corporate and business unit management. Specific instructions and requirements for providing security awareness education and training for Company management are provided in the Management Awareness Standard.
The Company Information Security Program Charter and relevant policies, standards, and guidelines must be properly communicated to and understood by all newly hired Company employees. Newly hired Company employees must be provided with the appropriate security awareness education and training. Specific instructions and requirements for providing security awareness education and training for new Company employees are provided in the New Hire Security Awareness Standard.
The Company Information Security Program Charter and relevant policies, standards, and guidelines must be properly communicated to and understood by all contractors, partners and consultants. Specific instructions and requirements for providing security awareness education and training for contractors, partners, and consultants are provided in the Third Party Security Awareness Standard.
All Company employees will be provided with recurring and ongoing education and training to ensure continued awareness, and address emerging risks or topics of interest. Specific instructions and requirements for providing security awareness education and training for Company employees are provided in the Sample Ongoing Security Awareness Standard.
All Company employees will be provided appropriate access to the Information Security Program Charter and relevant policies, standards, and guidelines. Specific instructions are provided in the Security Awareness Standard.
Document Examples
Use these samples as a guide for your policy development. Fully customizable versions are available from The Policy Machine.
-
Security Awareness Standard page one of five.
-
Security Awareness Standard page two of five.
-
Security Awareness Standard page three of five.
-
Security Awareness Standard page four of five.
-
Security Awareness Standard page five of five