IT Policies (Draft)
This books contains a full listing of all IT policies enacted within the organization.
Employee Policies
Policies governing employees use of IT equipment and technologies.
Password Policy
This policy outlines guidelines on generating and storing company credentials to ensure the credentials are well protected and difficult to compromise.
Questions this policy addressees:
- How should temporary credentials be handled?
- Can I share credentials with another employee?
- How strong do new passwords need to be?
- Where should passwords be stored?
- Can I write down passwords?
Download the Policy
Computer Use Policy
This policy outlines guidelines using IT equipment and technologies at George & Bell Consulting.
This policy addresses:
- Acceptable use of IT equipment.
- Working at the office, home and abroad.
- Monitoring of IT equipment and how it affects employees.
- Handling suspicious activity.
- Using a mobile device for business.
Download the Policy
Security Policies
Policies relating to George & Bell Consulting's security practices and how to address security incidents.
Security Implementation Policy
This policy is geared towards the partners and IT personnel. It's purpose is to outline the security requirements for all IT-based services and software, ensuring company remaining secure and protected.
This policy addresses requirements for the following services:
- Antivirus Solutions
- Application Management
- Operating System Management
- Email Management
Download the Policy
Security Incident Policy
This policy outlines how employees, contractors and partners of the company should respond if an information security incident is learned.
Questions this policy addressees:
- What do I do if I learn I've been compromised?
- What should happen from an organizational perspective when a security incident occurs?
Download the Policy
Data Management Policies
Policies covering how company information is classified, handled and safeguarded.
Data Classification Policy
This policy establishes a framework that ensures the protection of all data created, stored, processed, or transmitted within the organization. The proper classification of data forms the basis for the development of policies, procedures, and controls necessary to safeguard confidential information.
Download the Policy
Data Management Policy
This policy define how Company Data is collected, accessed, and ultimately destroyed within the organization to ensure its security throughout its lifetime.
Download the Policy
Data Backup Policy
This policy establishes guidelines for the implementation of data backup and recovery plans. These guidelines aim to safeguard George & Bell Consulting’s IT systems, networks, databases, data, and other information assets.
Download the Policy