securitydox customizable policies and procedures templates align with security best-practices and are based on NIST 800-53 (v4). Templates are provided in Word format for easy editing.

Security Policies and Procedures Templates

Securitydox customizable policies and procedures templates align with security best-practices and are based on NIST 800-53 (v4). Templates are provided in Word format for easy editing.

Not Sure Where to Start?

The following services address security best-practices, but can also be augmented to provide a gap analysis against various regulations and standards:

    Policies Procedures and Practices Assessment (PPPA) ‐ Ensures that documented IT policies and procedures, and associated practices, are aligned with best-practices and applicable regulatory requirements. The PPPA is a gap analysis and the first place to start towards compliance with best-practices, regulatory requirements, and standards, such as HIPAA, SOC, PCI, CIPv5, NIST, ISO, DFARS, GLBA, SOX, etc. {Read more}

    Risk Assessment (RA) ‐ Combination of qualitative and quantitative analysis to determine the top threats to information security, biggest vulnerabilities, and largest opportunities for risk reduction through cost-benefit analysis {Read more}

 

List of Security Policies and Procedures Templates

DocumentNIST 800-53 Controls
(AC 1-8 11 14 22) Logical Access Controls Policy & ProceduresAC 1, 2, 3, 4, 5, 6, 7, 8, 11, 14, 11 Sample
(AC 17 18) Remote and Wireless Access Controls Policy & ProceduresAC 17, 18
(AC 19 20) Mobile Device Access Controls & External Systems Use Policy & ProceduresAC 19, 20
(AU 1-6 8-9 11-12) Audit and Accountability Policy & ProceduresAU 1, 2, 3, 4, 5, 6, 8, 9, 11, 12 Sample
(AT 1 2) Security Awareness and Training Policy & ProceduresAT 1, 2 Sample
(CM 1-11) Configuration Management Policy & ProceduresCM 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
(CP 1-10) Contingency Planning Policy & ProceduresCP 1, 2, 3, 4, 5, 6, 7, 8, 9, 10
(IA 1-8) Identification and Authentication Policy & ProceduresIA 1, 2, 3, 4, 5, 6, 7, 8
(IR 1-8) IT Incident Response Policy & ProceduresIR 1, 2, 3, 4, 5, 6, 7, 8
(MP 1-7) Media Protection Policy & ProceduresMP 1, 2, 3, 4, 5, 6, 7
(PS 1-8) IT Personnel Security Policy & ProceduresPS 1, 2, 3, 4, 5, 6, 7, 8
(PE 1-18) Physical and Environmental Protection Policy & ProceduresPE 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18
(RA 1-5) IT Risk Assessment Policy & ProceduresRA 1, 2, 3, 4, 5
(CA 1-3 5-9) IT Security Assessment and Authorization Policy & ProceduresCA 1, 2, 3, 5, 6, 7, 8, 9
(SC 1-5 7 14 15 20-22 39) IT System and Communications Protection Policy & ProceduresSC 1, 2, 3, 4, 5, 7, 14, 15, 20, 21, 22, 39
(SC 8 9 12 13 17 23 28) IT System and Communications Encryption Policy & ProceduresSC 8, 9, 12, 13, 17, 23, 28
(SI 1-5 8-10 12) IT System and Information Integrity Policy & ProceduresSI 1, 2, 3, 4, 5, 8, 9, 10, 12
(SA 1-11) IT System and Services Acquisition Policy & ProceduresSA 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
(MA 1 2 4 5) IT System Maintenance Policy & ProceduresMA 1, 2, 4, 5
(PL 1-4 6) IT System Security Planning Policy & ProceduresPL 1, 2, 3, 4, 6
Security Policies and Procedures Document Register
IT Glossary

For questions, to purchase our templates, or to get more information (e.g. pricing) Click here.

Assessments

Compliance

Security Awareness Training

Other Links

Contact Information

431 Florence Street, Suite 210
Palo Alto California, US
Phone: 650 961 5911
Fax: 650 961 5912
Email: info@illumant.com

Currently in Palo Alto

2006-2025 © Illumant, LLC. All Rights Reserved.