Skip to Main Content
Act now to prevent cyber attacks this summer | Book any training course in August and get free cyber security courses | Shop now
ISO 27001 Information Security Policy Template

ISO 27001 Information Security Policy Template

SKU: 5705
Format: Cloud Annual Subscription
ISBN13: 9781787783058

Create an ISO 27001-compliant information security policy in minutes with our easy-to-use, high-level template, developed by our expert ISO 27001 practitioners. You will need to customise the template with your organisation’s processes, documentation and commitment to information security.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our service centre team on +44 (0)333 800 7000.

Annual subscription year 1
Price: £30.00
ex. VAT
Annual subscription thereafter £1.00ex. VAT

Easily create an ISO 27001 information security policy with this customisable template

Create an ISO 27001 information security policy in minutes and fulfil the requirements set out in Clause 5.2 of the ISO 27001 standard.

To complete the template, fill in the customisable areas with your organisation’s ISMS (information security management system) documentation policies and procedures, and assign roles to specific tasks.

Please note that this template is not an out-of-the-box solution and you will need to add details that match what your organisation does and what it should be doing. See our FAQ for more information.

Information security documentation under ISO 27001

Maintaining the confidentiality, integrity and availability of your organisation’s information assets is critical – especially if you process personal data and must comply with laws such as the GDPR (General Data Protection Regulation).

The international standard for information security management, ISO 27001 is a globally recognised framework for creating an ISMS.

Whether you pursue certification or not, the Standard requires you to select and implement security controls, informed by regular risk assessment as part of a process of continual improvement.

Annex A of the Standard lists 114 security controls, but you can use alternatives. These all must be documented, as must the policies and procedures you implement.

One of the mandatory documents is the information security policy. It defines top management direction for information security following your business requirements and information security objectives, relevant laws and regulations, and the needs and expectations of interested parties.

If you are unsure how to interpret ISO 27001’s requirements, our customisable information security policy can help.

Need more ISO 27001 documentation templates?

We have a complete set of ISO 27001 documentation templates in our bestselling ISO 27001 Toolkit. This toolkit includes a comprehensive set of easy-to-use and customisable documentation to help you comply with the Standard, whether for internal audit or certification.

Buy the ISO 27001 Toolkit now

Technical Information

  • All our documentation toolkits are electronically fulfilled and accessible via DocumentKits, our online platform.
  • Your subscription includes access for up to ten users.
  • The DocumentKits platform is compatible with all devices, operating systems and applications.
  • You will need to use the latest version of your chosen web browser (e.g. Chrome, Edge, Firefox or Internet Explorer).

End-User DocumentKits Agreement

If you are thinking about purchasing a toolkit, please click here to review the end-user licence agreement for DocumentKits.

For more information, read our DocumentKits FAQ page.

Anytime access with DocumentKits

The most up-to-date documentation that can be accessed anywhere, any time: our expertise, your peace of mind

Standards, regulations and best-practice guidance are constantly changing. Our technical advisors work throughout the year to closely monitor changes that affect your compliance requirements, so that we can ensure you are working from the very latest guidance. With the Cloud-based DocumentKits platform, you can:

  • Access your templates anywhere, any time, ensuring your organisation can always use and edit your files, regardless of operating system;
  • Work from the most up-to-date documentation to ensure ongoing compliance. Our simple subscription service offers more than 200 annual updates and revisions to the toolkit range, in line with the latest guidance and standard revisions;
  • Save hundreds of pounds each year. The subscription service allows you and your colleagues year-long access to pre-written, compliant documentation, including free upgrades and revisions;
  • Use templates that provide a framework for documenting your processes and policies, with customisable areas for you to complete;
  • Customise the template with your company logo and automatically populate fields to speed up your documentation process;
  • Reduce duplication and effort by integrating your documentation with other toolkits;
  • Easily complete the customisable free-text sections with our tooltips and guidance notes;
  • Effortlessly extract files to PDF to save on shared servers, intranets or wherever else you need them;
  • Collaborate with team members and share the workload, with access for up to ten users per year; and
  • Enjoy unlimited support for account set-up and guidance.

Customer Reviews

(5.00)stars out of 5
Number of reviews: 2
1. on 18/02/2022, said:
5 stars out of 5
Great policy template - will certainly be useful for myself for the organisation - recommended
2. on 28/12/2021, said:
5 stars out of 5
This Information Security Policy is great and useful.
Showing comments 1-2 of 2
This website uses cookies. View our cookie policy
WIN £100