Sample Security Awareness Policy:: Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search
No edit summary
 
Line 24: Line 24:
Image:Security Awareness Standard(4).png|Security Awareness Standard page five of five
Image:Security Awareness Standard(4).png|Security Awareness Standard page five of five
</gallery>
</gallery>
[[File:Security Awareness Standard.png]]
[[File:Security Awareness Standard(1).png]]
[[File:Security Awareness Standard(2).png]]
[[File:Security Awareness Standard(3).png]]
[[File:Security Awareness Standard(4).png]]

Latest revision as of 19:53, 14 January 2014

Sample Security Awareness Standard

This Security Awareness Standard defines Company objectives for establishing a formal Security Awareness Program, and specific standards for the education and communication of the Information Security Program Charter. and associated policies, standards, guidelines, and procedures.

Objectives

The Company Information Security Program Charter and relevant policies, standards and guidelines must be properly communicated to Company corporate and business unit management. Specific instructions and requirements for providing security awareness education and training for Company management are provided in the Management Awareness Standard.

The Company Information Security Program Charter and relevant policies, standards, and guidelines must be properly communicated to and understood by all newly hired Company employees. Newly hired Company employees must be provided with the appropriate security awareness education and training. Specific instructions and requirements for providing security awareness education and training for new Company employees are provided in the New Hire Security Awareness Standard.

The Company Information Security Program Charter and relevant policies, standards, and guidelines must be properly communicated to and understood by all contractors, partners and consultants. Specific instructions and requirements for providing security awareness education and training for contractors, partners, and consultants are provided in the Third Party Security Awareness Standard.

All Company employees will be provided with recurring and ongoing education and training to ensure continued awareness, and address emerging risks or topics of interest. Specific instructions and requirements for providing security awareness education and training for Company employees are provided in the Ongoing Security Awareness Standard.

All Company employees will be provided appropriate access to the Information Security Program Charter and relevant policies, standards, and guidelines. Specific instructions are provided in the Security Awareness Standard.

Document Examples

Use these samples as a guide for your policy development. Fully customizable versions are available from The Policy Machine.