Not sure this is the right place to ask, but can anyone recommend a source of free and useful draft/model IT policies for commercial organisations? Not Security Standards, more AUP type docs.
I've been tasked with overhauling/re-writing our ancient policies, have Google'd etc but there's SO much non-applicable stuff that I wondered if anyone had this info to hand?
Cheers
There are reference books that will layout the basic policies needed. Look for IT management materials. You could also look at books such as the study book for security+. You could also look for sites that deL with governance and compliance. Zdnet has a a free whitepaper section. You could search there for such material.
Dont know if it will be any help try………
http//
A number of the universities here in Dublin have their Policies freely available on the web
See here for Dublin City University's http//
or here for Trinity College Dublin's http//
Hope this helps…..
SANS used to keep a lengthy archive of policies, but I have not checked recently. They were my origional source years ago I still have all of them archived.
Thanks to all, I ended up in the SANS archive.
To digress a little, Social Media and 'new' technologies are a bit of a discussion point here at work, I found a whole bunch of discussion and real policies including
Best Buy (http//
IBM (http//
Intel (http//
Plus a list of others at http//
Includes a link to US Air Force policy which is thorough to say the least .
Cheers
not sure how useful but i remember a few years ago we used messagelabs.com for some web and email policies
hope this helps