Creating policies – IT Strategy and policy – No plagiarism


 Policies should always state required actions and cover mandatory compliance and disciplinary action as well as desired results. Please create the following policies:

  • Acceptable Use
  • Access Control
  • Mobile Device Usage
  • Change Management
  • Information Security
  • Remote Access
  • Email/Communication
  • Data Management
  • Documentation
  • Disaster Recovery

The template should be:

1.PURPOSE

This document establishes a policy for . . .

2.BACKGROUND

This document was developed because . . .

3.SCOPE

This policy applies to the use of . . .

4.OPERATIONAL POLICY

4.1. Section 1

4.2. Section 2

4.3. Section 3

4.4. Section 4

5.ROLES AND RESPONSIBILITIES

The following entities have responsibilities related to the implementation of this policy:

6.APPLICABLE LAWS/GUIDANCE

7.EFFECTIVE DATES

This policy becomes effective on the date that [xxx], Chief Information Officer (CIO), signs it and remains in effect until officially superseded or canceled by the CIO.

8.INFORMATION AND ASSISTANCE

Contact the . . . for further information regarding this policy.

9.APPROVED

[Director of Information Security Policies] Date of Issuance

10.ASSOCIATED RESOURCES

This policy is augmented by . . .