, ,

Information Security Policy


+ Free Shipping
  • Fully compliant policy document.
  • Ready for you to customise and implement into your business.
  • Immediate download.

This policy template:

  • Has been prepared and verified by our certified, ISO Lead Auditor and implementation team.
  • It meets all the mandatory requirements of the following standards:
      • ISO 27001 – Information Security.
      • ISO 223001 – Business Continuity.
  • It is ready for you to customise to your specific business needs.
  • It is pre-numbered for inclusion in any of our Information Security Management System (ISMS) or Integrated Management System templates.
  • It is reviewed by our compliance team annually or following any significant changes to the standard(s) to which it applies.
  • It is provided to you in an editable Microsoft Word format.

We charge very little for these templates but have put a great deal of work into them. Please do not share any of our content, publicly or privately without our consent.

This policy outlines the company’s commitment to maintain an information security management system that meets the requirements of the ISO 27001:2013 standard.

It includes commitments to protecting the confidentiality, integrity and availability of information assets from all threats whether internal, external, deliberate or accidental.

It details the controls in place to ensure information security, compliance with applicable requirements of the ISO 27001 standard, mechanisms in place for continuous improvement of information security…etc.

This policy is a requirement for ISO 27001:2013 compliance and can be edited to suit. However, care must be taken when amending this document if the intent is for it to be used to satisfy the requirements of ISO 27001 compliance as there are some elements that the standard requires the policy to cover: –

  • A framework for setting information security objectives
  • A commitment to satisfy applicable requirements
  • A commitment to continual improvements of the integrated management systems.

Like all other policies this should be retained as documented information, filed correctly and made available to all interested parties.

The information classification label on this policy is [Public].


There are no reviews yet.

Be the first to review “Information Security Policy”

Your email address will not be published. Required fields are marked *

Shopping Cart