Get Instant Access
to This Blueprint

Security icon

Identify the Best Framework for Your Security Policies

Leverage policies based on NIST, ISO, or other procedural-based documents.

  • Leverage Info-Tech’s Develop and Deploy Security Policies blueprint to build a comprehensive policy program, from acquiring buy-in to policy development to communication and maintenance of the program.
  • Use this storyboard and associated templates to develop policies for the framework that fits your needs.

Our Advice

Critical Insight

Policies don’t make your organization compliant. However, aligning the policy development with a relevant framework and implementing the controls and requirements that have been documented are critical steps in achieving compliance.

Impact and Result

  • Understand your policy framework and develop the security policies that align with compliance and regulatory requirements.
  • Save time by customizing our policy templates to ensure comprehensive coverage.

Identify the Best Framework for Your Security Policies Research & Tools

1. Identify the best framework for your security policies

Understand the benefits of various frameworks to develop your security policy suite.

Identify the Best Framework for Your Security Policies Storyboard

2. Develop security policies aligned with the NIST SP 800-171 framework

If the NIST framework fits your needs, customize the templates for a comprehensive policy suite.

Access Control Policy – NIST
Security Awareness Training Policy – NIST
Audit and Accountability Policy – NIST
System Configuration Management Policy – NIST
Identification and Authentication Policy – NIST
Incident Response Policy – NIST
System Maintenance Policy – NIST
Media Protection Policy – NIST
Personnel Security Policy – NIST
Physical Protection Policy – NIST
Risk Assessment Policy – NIST
Security Assessment Policy – NIST
System and Communications Security Policy – NIST
System and Information Integrity Policy – NIST

3. Develop security policies aligned with the ISO 27001 framework

If the ISO framework fits your needs, customize the templates for a comprehensive policy suite.

Human Resources Security Policy – ISO
Asset Management Policy – ISO
Access Control Policy – ISO
Cryptography Policy – ISO
Physical and Environmental Policy – ISO
Operations Security Policy – ISO
Communications Security Policy – ISO
System Acquisition, Development, and Maintenance Security Policy – ISO
Security in Supplier Relationships Policy – ISO
Security Incident Management Policy
Information Security Aspects of Business Continuity Management Policy – ISO
Compliance Policy – ISO

4. Develop other procedural-based security policies

Leverage lower-level policy templates to develop procedures for specific security topics.

Security Awareness Training Procedural Policy
Identity and Access Management Procedural Policy
Data Protection Procedural Policy
Media Protection Procedural Policy
Password Procedural Policy
Account Management Procedural Policy
System Configuration Procedural Policy
Systems Maintenance Procedural Policy
System Change Control Procedural Policy
Systems Monitoring and Auditing Procedural Policy
Application Security Procedural Policy
Incident Response Procedural Policy
Contingency Planning Procedural Policy
Security Assessment Procedural Policy
Risk Assessment Procedural Policy

Member Testimonials

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.

9.0/10

Overall Impact

$10,000

Average $ Saved

5

Average Days Saved

Client

Experience

Impact

$ Saved

Days Saved

University of Ottawa

Guided Implementation

9/10

$10,000

5

Sycuan Casino

Guided Implementation

10/10

N/A

5

Ministry of Innovation, Science and Smart Technology

Guided Implementation

9/10

$30,999

20

Fernco Inc

Guided Implementation

9/10

$21,699

10

Info-Matrix

Guided Implementation

10/10

$5,000

10

National Insurance Board

Guided Implementation

7/10

N/A

2

MTF Biologics

Guided Implementation

10/10

$22,283

10

DCI Marketing Inc

Guided Implementation

9/10

N/A

2

Northeastern Regional Information Center (NERIC)

Guided Implementation

10/10

N/A

N/A

Load More Testimonials

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

Member Rating

9.0/10
Overall Impact

$10,000
Average $ Saved

5
Average Days Saved

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.

Read what our members are saying

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Talk to an Analyst

Our analyst calls are focused on helping our members use the research we produce, and our experts will guide you to successful project completion.

Book an Analyst Call on This Topic

You can start as early as tomorrow morning. Our analysts will explain the process during your first call.

Get Advice From a Subject Matter Expert

Each call will focus on explaining the material and helping you to plan your project, interpret and analyze the results of each project step, and set the direction for your next project step.

Unlock Sample Research

Author

Celine Gravelines

Related Content: Governance, Risk & Compliance

Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019
© Info-Tech Research Group | Terms of Use | Privacy Policy