From sales reports to employee social security numbers, IT is tasked with protecting your organisation’s private and confidential data. To accomplish this, you need to define acceptable and unacceptable use of systems and identify responsibilities for employees, information technology staff, and supervisors/managers. This policy offers a comprehensive outline for establishing standards, rules and guidelines to secure your company data.

Data governance policies describe how data is managed as it passes through company systems. Specifically, these policies document how a company makes sure that data is accessible and secure, as well as accurately collected and properly maintained.

Using a VPN to access internal resources comes with responsibilities to uphold network security, as well as to safely and equitably use company resources. This policy will help you enforce security standards when it comes to VPN use.

A disaster recovery policy outlines the broad requirements of a company’s disaster recovery plan. These policies identify critical data and responsible departments or staff. They also specify allowable downtime, as well as how to ensure business continuity in the event of downtime.

Help protect your employees and customers from identity theft. This policy outlines precautions for reducing risk, signs to watch out for, and steps to take if you suspect identity theft has occurred.

A security policy is only as valuable as the knowledge and efforts of those who adhere to it, whether IT staff or regular users. This policy is designed to help your information technology staff guide employees toward understanding and adhering to best security practices that are relevant to their job responsibilities and avoid a potential security incident.

Whether initiated with criminal intent or not, unauthorized access to an enterprise network or campus network is an all too common occurrence. Every enterprise needs to establish a plan of action to assess and then recover from unauthorized access to its network. This policy provides a foundation from which to start building your specific procedures.

Many businesses rely on outside companies, known as third party organizations, to handle their data or services. This policy provides guidelines for establishing qualified third party vendors with whom to do business and what requirements or regulations should be imposed upon their operational processes.

Don’t let your valuable corporate assets, proprietary information, or intellectual property walk out the door when an employee leaves the company.

This policy will help ensure that your company facilities are safe for all employees, visitors, contractors, and customers.

The Severance Policy outlines the differences between simple departure scenarios where the employee is paid a final check for the time they worked and any unused vacation hours, as well as more complex situations.

Defining objectives is a prime way to motivate employees, giving them tangible proof of their accomplishments, their progress, and their contributions to the business. However, it’s important to follow certain guidelines to provide an effective framework for establishing objectives, monitoring them, and helping employees complete them.

This policy describes the organization’s processes for requesting, obtaining, using, and terminating access to organization networks, systems, and data for the purpose of enabling staff members to regularly work remotely on a formal basis.

A safe and healthy work environment provides the foundation for all employees to be at their most productive. Not only does it promote productivity in the workforce, it also helps prevent accidents, lawsuits, and in extreme cases, serious injury and potentially loss of life. This policy establishes procedures to help ensure a safe, ergonomically healthy environment.

Social media policies govern employee use of social media both in and out of the workplace. These policies define how a company will manage and monitor the online behavior of it’s employees. They also set forth any company expectations regarding the nature and tone of information being posted.
As a result, social media policies are sometimes perceived as repressive. However, they can actually empower employees by letting them know what can and cannot be posted. Striking a balance between the needs of the company and employees is the key to a successful social media policy.

This policy sets forth guidelines for the use of the internet, as well as internet-powered communication services, including email, proprietary group messaging services (e.g., Slack), and social networking services (e.g., Facebook, Twitter) in business contexts. It also covers Internet of Things (IoT) use, and bring-your-own-device (BYOD) practices.

virtualization platforms are available from a number of vendors, but it’s still critical to maintain your virtualization environment to avoid unnecessary resource consumption, out-of-compliance systems or applications, data loss, security breaches, and other negative outcomes. This policy defines responsibilities for both end-users and the IT department to ensure that the virtualized resources are deployed and maintained effectively.

Many industries rely on machine automation implementations to save money and reduce risk. However, along with the benefits comes the critical need to implement policies for its proper use. This set of guidelines will help your organization keep its machine automation safe, reliable, and in compliance.