IT Security Policy & Procedure Templates

The following templates are available as a guideline for agencies to develop their IT security policies.  

VITA Security Baseline Configurations (Hardening Standards)

Business Impact Analysis Policy Template

Emergency Response Damage Assessment Procedure Template

Emergency Response Employee Communications Procedure Template

Enterprise Background Check Policy Template

Information Resource Acceptable Use Policy Template

Information Security Incident Reporting Procedure Template

Information Security Incident Response Procedure Template

Information Security Program Policy Template

Information Security Roles and Responsibilities Policy Template

IT Configuration Management Policy Template

IT Contingency Planning Policy Template

Identification and Authentication Policy Template

IT Incident Response Policy Template

IT Media Protection Policy Template

IT Personnel Security Policy Template

IT Risk Assessment Policy Template

IT Security Assessment and Authorization Policy Template

IT Security Audit, Monitoring and Logging Policy Template

IT Security Exception and Exemptions Policy Template

IT Systems and Communications Encryption Policy Template

IT System and Communications Protection Policy Template

IT System and Data Classification Policy Template

IT System and Information Integrity Policy Template

IT System and Services Acquisition Policy Template

IT System Maintenance Policy Template

IT System Security Planning Policy Template

IT System Logical Access Controls Policy Template

Mobile Device Access Controls Policy Template

Physical Environmental Protection Policy Template

Remote and Wireless Access Controls Policy Template

Risk Treatment Plan Template

Security Awareness and Training Policy Template

SS Disaster Recovery Staffing Policy Template