Project Management

Please login or join to subscribe to this thread

Security Policies - guidance/examples needed

linkedin twitter facebook   Consulting   Legal Project Management  
avatar
Shaughn FitzGerald UX Project Manager| Anthro-Tech Seattle, Wa, United States
Hello, does anyone have a template or reference for writing a data security policy for a consultancy? I am looking for good examples for writing up policies including security framework, audits, data at rest, incident response. Thanks in advance for your help!
Sort By:
avatar
Keith Novak Tukwila, Wa, United States
Shaughn,
My advice on this area would be to start by looking at DoD documentation. For one, the stuff they deal with ranges from benign to various levels of very secret. That means it will cover your entire solution space and more. The other is that the rules are out there in the public domain. I took a look at some documents available on the web, and although redacted in areas, they paint a pretty good picture of the overall landscape.

The rules themselves need to be heavily tailored to what information you're protecting and if there are applicable regulations. Regardless however, there is stuff you can leave out on your desk, and there is stuff sensitive enough that the CEO has to sign off on your access, so seeing how the military deals with information security is a great starting point for how to structure your own version.
avatar
Shaughn FitzGerald UX Project Manager| Anthro-Tech Seattle, Wa, United States
Hi Keith,
Thanks for your reply and feedback. I'll share with my team.
Cheers!
Shaughn

Please login or join to reply

Content ID:
ADVERTISEMENTS

"It usually takes more than three weeks to prepare a good impromptu speech."

- Mark Twain

ADVERTISEMENT

Sponsors







Vendor Events

See all Vendor Events

Newsletters

Jun 3: The Career Problem Facing New PMs
May 20: Your PM Career as a Project Life Cycle
May 13: The Big Lie After Layoffs

See all newsletters