Tired of drafting policies/procedures from scratch? Download these SOPs today!
SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security. Download these SOPs today and start applying them to your organization.
Application Security
General Policy Templates
- acceptable_encryption_policy.docx
- acceptable_encryption_policy.pdf
- acceptable_use_policy.docx
- acceptable_use_policy.pdf
- clean_desk_policy.docx
- clean_desk_policy.pdf
- digital_signature_acceptance_policy.docx
- digital_signature_acceptance_policy.pdf
- disaster_recovery_plan_policy.docx
- disaster_recovery_plan_policy.pdf
- email_policy.docx
- email_policy.pdf
- end_user_encryption_key_protection_policy.docx
- end_user_encryption_key_protection_policy.pdf
- ethics_policy.docx
- ethics_policy.pdf
- pandemic_response_planning_policy.docx
- pandemic_response_planning_policy.pdf
- password_construction_guidelines.docx
- password_construction_guidelines.pdf
- password_protection_policy.pdf
- security_response_plan_policy.docx
- security_response_plan_policy.pdf
Network Policy
- acquisition_assessment_policy.docx
- acquisition_assessment_policy.pdf
- bluetooth_baseline_requirements_policy.docx
- bluetooth_baseline_requirements_policy.pdf
- remote_access_policy.docx
- remote_access_policy.pdf
- remote_access_tools_policy.docx
- remote_access_tools_policy.pdf
- router_and_switch_security_policy.docx
- router_and_switch_security_policy.pdf
- wireless_communication_policy.docx
- wireless_communication_policy.pdf
- wireless_communication_standard.docx
- wireless_communication_standard.pdf
Other Policies
- analog_isdn_line_security_policy.docx
- analog_isdn_line_security_policy.pdf
- anti_virus_guidelines.docx
- anti_virus_guidelines.pdf
- automatically_forwarded_email_policy.docx
- automatically_forwarded_email_policy.pdf
- communications_equipment_policy.docx
- communications_equipment_policy.pdf
- dial_in_access_policy.docx
- dial_in_access_policy.pdf
- dmz_lab_security_policy.docx
- dmz_lab_security_policy.pdf
- email_retention_policy.docx
- email_retention_policy.pdf
- employee_internet_use_monitoring_and_filtering_policy.docx
- employee_internet_use_monitoring_and_filtering_policy.pdf
- extranet_policy.docx
- extranet_policy.pdf
- internet_dmz_equipment_policy.docx
- internet_dmz_equipment_policy.pdf
- internet_usage_policy.docx
- internet_usage_policy.pdf
- lab_anti_virus_policy.docx
- lab_anti_virus_policy.pdf
- mobile_device_encryption_policy.docx
- mobile_device_encryption_policy.pdf
- mobile_employee_endpoint_responsibility_policy.docx
- mobile_employee_endpoint_responsibility_policy.pdf
- personal_communication_devices_and_voicemail_policy.docx
- personal_communication_devices_and_voicemail_policy.pdf
- remote_access_mobile_computing_storage.docx
- remote_access_mobile_computing_storage.pdf
- removable_media_policy.docx
- removable_media_policy.pdf
- risk_assessment_policy.docx
- risk_assessment_policy.pdf
- server_audit_policy.docx
- server_audit_policy.pdf
- server_malware_protection_policy.docx
- server_malware_protection_policy.pdf
- social_engineering_awareness_policy.docx
- social_engineering_awareness_policy.pdf
- virtual_private_network_policy.docx
- virtual_private_network_policy.pdf
Server Security
- database_credentials_policy.docx
- database_credentials_policy.pdf
- information_logging_standard.docx
- information_logging_standard.pdf
- lab_security_policy.docx
- lab_security_policy.pdf
- server_security_policy.docx
- server_security_policy.pdf
- software_installation_policy.docx
- software_installation_policy.pdf
- technology_equipment_disposal_policy.docx
- technology_equipment_disposal_policy.pdf
- workstation_security_for_hipaa_policy.docx
- workstation_security_for_hipaa_policy.pdf