Policies should always state required actions and cover mandatory compliance and disciplinary action as well as desired results. Please create the following policies:
The template should be:
1.PURPOSE
This document establishes a policy for . . .
2.BACKGROUND
This document was developed because . . .
3.SCOPE
This policy applies to the use of . . .
4.OPERATIONAL POLICY
4.1. Section 1
4.2. Section 2
4.3. Section 3
4.4. Section 4
5.ROLES AND RESPONSIBILITIES
The following entities have responsibilities related to the implementation of this policy:
6.APPLICABLE LAWS/GUIDANCE
7.EFFECTIVE DATES
This policy becomes effective on the date that [xxx], Chief Information Officer (CIO), signs it and remains in effect until officially superseded or canceled by the CIO.
8.INFORMATION AND ASSISTANCE
Contact the . . . for further information regarding this policy.
9.APPROVED
[Director of Information Security Policies] Date of Issuance
10.ASSOCIATED RESOURCES
This policy is augmented by . . .
