VIEWS: 113 PAGES: 3 CATEGORY: Technology Management POSTED ON: 2/19/2010
A Big Help for Small Firms As the IT manager in a small organization, you don't have time to design the templates and policies you need from scratch. We've compiled the essential tools you need to start your own download toolkit. Info-Tech uses common file formats, like Microsoft Word and Excel, to ensure the highest levels of usability. Simply download the tool, save it to your own drive, and change the contents or fill in the blanks as much as you like.
Data Security Policy Introduction: How to Use This Tool Modify this template to suit enterprise needs. Supply the appropriate company-specific information wherever square brackets are present (e.g. [company name]). Also be sure to delete this or any other grey text. Purpose A broad statement indicating that the company is taking steps to ensure that its computing resources and information assets are protected from threats. This document defines the data security policy of [company name]. [Company name] takes the privacy of our employees and clients very seriously. To ensure that we are protecting our corporate and client data from security breaches, this policy must be followed and will be enforced to the fullest extent. Intent More specific statements about the existence of the policy that indicate the motivation and rationale behind the creation and enforcement of the policy. The goal of this policy is to inform employees at [company name] of the rules and procedures relating to data security compliance. The data covered by this policy includes, but is not limited to all electronic information found in e- mail, databases, applications and other media; paper information, such as hard copies of electronic data, employee files, internal memos, and so on. Audience A defined statement of the applicability of the policy – the combination of to whom and the circumstances under which it does or does not apply. This policy applies to all employees, management, contractors, vendors, business partners and any other parties who have access to company data. Data Types [Company name] deals with two main kinds of data: 1. Company-owned data that relates to such areas as corporate financials, employment records, payroll, [etc.] 2. Private data that is the property of our clients and/or employees, such as social security numbers, credit card information, contact information, [etc.] Data Classifications [Company name’s] data is comprised of 3 classifications of information: 1. Public/Unclassified. This is defined as information that is generally available to anyone within or outside of the company. Access to this data is unrestricted, may already be available and can be distributed as needed. Public/unclassified data includes, but is not limited to, marketing materials, annual reports, corporate financials [and other data as applicable]. Employees may send or communicate a public/unclassified piece of data with anyone inside or outside of the company. Page 1 Info-Tech Research Group 2. Private. This is defined as corporate information that is to be kept within the c
Pages to are hidden for
"Data Security Policy"Please download to view full document