Sample policy establishing security requirements of equipment to be deployed in the corporate De-Militarized Zone. [MS Word]

Policy regarding the use of dial-in connections to corporate networks. [MS Word]

Sample policy establishing the minimum security requirements for all routers and switches connecting to production networks. [MS Word]

IT security policy applicable to the Victoria Police in Australia. 93 pages based on ISO/IEC 27002 and related standards.

An overarching security policy from Berkeley University includes links to more specific and detailed policies.

Concise policy (just 3 paragraphs) published by the School of Graduate Studies at Norwich University.

Ethical behavior underpins all procedural security controls. This ethics policy from Spirent is a useful model.

Policy template by Walt Kobus defines requirements for resilience, redundancy and fault tolerance in information systems.

111-page security policy manual from the Australian New South Wales Department of Commerce, based on ISO/IEC 27001.

The New Zealand Government's information security policy, based on the 2000 version of ISO/IEC 17799. [ZIP file containing PDF and MS Word versions]