You are on page 1of 2


Title and Date

Information Assurance Policy of <COMPANY_NAME>
2. Purpose The purpose of this policy is to define Information Assurance within <COMPANY_NAME>.


3. Scope This policy covers all Information Assurance requested by any individual, group or department for the purposes of assuring information and managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes at <COMPANY_NAME>. Information Assurance apply to data in transit, both physical and electronic forms as well as data at rest in various types of physical and electronic storage facilities

4. Policy      The Information Assurance will be given Top priority in all technical discussions related to servers, network and applications All employees working in any area related to critical information would be trained in various Information Assurance aspects All employees must be committed for best possible security procedures during handling and transit of Data. All data backup and restoration procedures would be reviewed by chief information security officer on monthly basis No new procedures related to information processing or transit should be approved before review and clearance by the chief information security officer or any other officer delegated for the job.

5. Roles and Responsibility   Chief Information Security Officer (CISO) will lead the team assigned with Information Assurance responsibilities. Any other officer delegated the power of CISO for any specific job, would have all responsibility and authority normally privileged to CISO, for completing the job.

6. Implementation
 

The Information Assurance Team headed by CISO will complete the initial implementation of Information Assurance Policy within 3 months of its release. A time period of 3 weeks would be provided for implementation of modification as and when released.

7. Evaluation and review
 

The Information Assurance Policy will be evaluated and reviewed every 6 months by a team of 3 officers as constituted by CISO. The team needs to submit its report (recommendation) within 5 working days of its constitution to CISO.

8. Definitions CISO - Chief Information Security Officer 9. References SANS – Security Policies : 10. Ratified and dated <NIL> --Submitted as an assignment on Coursera, Course- Information Security and Risk Management in Context by Barbara EndicottPopovsky by

Email –