The following is a list of suggested Policies and Standards that all business organizations should have.

Corporate Governance

Corporate Policy, Policy / Standards and Processes leadership council

• Firewall Policy / Standard
• VPN Policy / Standard
• Remote Connectivity Policy / Standard
• SCSP Monitoring Policy / Standard.doc
• Network Monitoring / Sniffer Policy / Standard
• Egress Monitoring Policy / Standard
• HIDs Policy / Standard
• Cisco IOS Policy / Standard
• Router Policy / Standard
• Switches Policy / Standard
• Wireless Policy / Standard
• Mobile Access Policy / Standard
• DNS Policy / Standard
• Vulnerability Assessments
• TrueCrypt File Encryption Standard
• Third Party Connectivity Standard
• Secure Password Storage Standard
• Secure Media Destruction
• Secure Logging
• Remote Desktop Protocol Standard
• Key Management Standard
• Email Encryption Standard
• Secure Sendmail
• Information Classification and Handling
• Secure Solaris
• Secure Windows 200x Server
• Secure Windows XP
• Secure Windows 2000 Server
• Secure SQL Standard
• Secure Oracle Standard
• Supplier Security Standard

Bind Policy

• Load Balancing Policy / Standard
• VOIP Policy / Standard
• Proxy Policy / Standard

Device Logging

• Syslog Policy / Standard
• Appliance Policy / Standard
• Information Classification
• Information Rights Policy / Standard
• Active Directory Policy / Standard
• Active Directory Global Policy / Standard
• Authentication Policy / Standard.doc
• Single Sign On Policy / Standard
• Federation Policy / Standard

Secure Password Storage

• Guidelines for Notice and Consent for Information Privacy.doc
• Remote Desktop Protocol Policy / Standard.doc
• Secure Anti-Virus Policy / Standard.doc
• Password Policy / Standard.doc
• Key Management Policy / Standard.doc
• Ingrian Security Configuration Guide.doc
• Policy / Standard for Notice and Consent for Information Privacy.doc

Physical Security

• Supplier Security Policy / Standard.doc
• Supplier Tier Classification Policy / Standard.doc
• Third Party Connectivity.doc
• Vulnerability Assessments.doc
• Patch Management Policy / Standards.doc
• Information Security and Privacy Contract Policy / Standards for Suppliers.doc

Internal Vendor Connectivity

• License File Signing
• E-Mail Encryption
• Secure Information and Classification and Handling Policy / Standard.doc
• SaaS Policy / Standard
• ASP Policy / Standard
• Secure Partner Agreement Policy / Standard
• Disk Encryption Policy / Standard

File Encryption

• TrueCrypt File Encryption Policy / Standard.doc
• Secure Media Destruction Policy / Standard.doc
• Removable Media Policy / Standard
• Tape Policy / Standard
• Offsite Storage Policy / Standard
• Internet Storage Policy / Standard

VM Policy / Standards

• Citrix Policy / Standards
• IIS 6 / 7 Policy / Standard
• Apache Policy / Standard
• Windows 2000 Server Policy / Standard.doc
• Windows 2003 Server Policy / Standard.doc
• Windows 2008 Server Policy / Standard.doc
• Linux Policy / Standard.doc

Linux Desktop

• Solaris Policy / Standard.doc
• HPUX Policy / Standard
• AIX Policy / Standard
• MVS Policy / Standard
• Windows 7 Policy / Standard
• Secure Windows Vista Policy / Standard.doc
• Secure Windows XP Policy / Standard.doc
• MAC Desktop

Remote Desktop Protocol

• SE Policy / Standard – Desktop
• Secure Oracle Policy / Standard.doc
• Secure SQL Policy / Standard.doc
• Secure DB2 Policy / Standard.doc
• Secure DBMS Policy / Standard.doc
• Secure Coding Policy / Standards – C++.doc
• Secure Coding Policy / Standards – Java.doc
• Secure Coding Policy / Standards – Activex.doc
• Secure Coding Policy / Standards – .net.doc
• Secure Coding Policy / Standards – .Mobile Coding.doc
• Secure Coding Policy / Standards – Web App Sec Arch.doc

www.bestitdocuments.com