Does anyone out there have / seen any good Information Security Policy documents or templates?
Basically I am looking for a comprehensive, internal document (or set of documents) that would be used to describe things such as: - Security Organization and Structure - Internal (Employee and Contractor) Security Policies (obligations of personnel in managing data and other secure/confidential documents) - Sites and Building Policies (access control, maintenance) - Network Security - Systems Architecture Security (Access Control, Authentication) - Production Environment Security - Application Security I realize that it would be next to impossible to find a single security document that has all of the above facets to it, but any good starting points would be helpful. Thanks, Jeff ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
