End user cyber security policy

Price:  £22.50(Inc. 20% VAT)(£18.75 Exc. VAT)
Version:  

A cyber security policy to regulate the actions of employees and/or contractors.


It is a commonplace that human behaviour is the weakest link in organisations' cyber security strategies. The more freedom staff have to use IT systems, the more scope there is for a security breach. But locking down IT systems is not usually the answer: the less freedom staff have, the less useful the IT systems will be.

All organisations must decide where to draw the line. But whether staff are subject to loose or stringent IT system controls, mechanisms to discourage high risk behaviour will always have a part to play. A carefully tailored end user cyber security policy is one such mechanism.

The default text in this cyber security policy template includes both general and specific prohibitions on the use of organisation IT systems. For example, the use of company devices for private use may be prohibited. Similarly, the use of private devices for company business may be prohibited.

The policy comes in standard and premium versions, with the former being a shortened version of the latter. The key provisions omitted from the standard policy cover BYOD, monitoring, training requirements and permissive provisions on use of company devices.

This policy may be used in relation to employees, non-employed contractors or both.

This end user cyber security policy was created and is maintained by Emma Osborn of OCSRC (see https://www.ocsrc.co.uk/).

Basic:

  1. Introduction
  2. Cyber security requirements
  3. Consequences of system misuse
  4. Declaration

Standard:

  1. Introduction
  2. Cyber security requirements
  3. Handling mistakes
  4. Consequences of system misuse
  5. Declaration

Premium:

  1. Introduction
  2. Cyber security requirements
  3. Training
  4. Monitoring
  5. Handling mistakes
  6. Consequences of system misuse
  7. Declaration

This template is supplied in Word (.docx) format. The basic version is 5 pages long, including 2 pages of guidance notes; the standard version is 9 pages lond, including 5 pages of guidance notes; and the premium version is 13 pages long, including 7 pages of guidance notes.

A copy of this end of user cyber security policy is included in the following pack: