This policy addresses how <COMPANY NAME> manages information assets that employees utilize in the office and at remote locations.
Purpose
This policy aims to define individual responsibilities for information asset safeguarding and provide a standard classification system that is followed by all staff and users, ensuring that information assets are protected and sensitive information assets are classified in accordance with <Company Name> requirements.
Format: MS WORD
Description:
- This Procedure applies to all documents in the Information Security Management System (ISMS) and IT service management system that is created, distributed, and retained for information and action (ITSM).
- This policy applies to all employees and users of Company Name>.
GDPR Template Includes the Following :
1. Introduction
2. Purpose
3. Objectives of This Policy
4. Scope
5. Classification of Information Assets
6. Roles and Responsibilities
6.1 Data owner
6.2 Data custodians
6.3 Data user
7. Information Labelling
8. Classification Sensitivity Criteria – Information Asset
9. Electronic Protected Health Information (ePHI)
10. Payment Card Information (PCI)
11. Classification Guidelines
12. Information Handling Guidelines
13. Record Management
Use collapsible tabs for more detailed information that will help customers make a purchasing decision.
Ex: Shipping and return policies, size guides, and other common questions.