Re: Best practice: IT polices and standards

["DiGrazia, Mick A" <mick.digrazia () UCONN EDU>]

SANS actually has a great resource on this:
http://www.sans.org/security-resources/policies/#template

Lots of background information and policy templates

Mick A. DiGrazia
University of Connecticut
Information Technology Services
(860) 486-1336
mick.digrazia () uconn edu<mailto:mick.digrazia () uconn edu>

On Sep 30, 2010, at 2:10 PM, Nick Recchia wrote:

Hello Folks,

My department is currently planning to revamp our IT Policies. We lack consistency and I am striving to create a 
cohesive and uniform style for all IT polices and standards (current and new).

There are varying ways University IT Policies are configured and structured - some very detailed and others not -  I 
was wondering if any of you have a Policy template you find successful and would be willing to share your template. 
Further, perhaps you'd also be willing to share your interpretation of why you find your format success?

I am currently considering to appropriate Cornell University's style, but some aspects may be beyond our departmental 
abilities - note, we do not have a University Policy Office.

Please feel free to contact me direct.

Thank you for your time.

Sincerely,
Nick
--
Nicholas Recchia
Security Administrator
ITS - Security Services
infosec.usfca.edu<http://infosec.usfca.edu/>