Welcome to Rothstein Publishing!

Information Security Policies Made Easy


Information Security Policies Made Easy is the “gold standard” information security policy template library, with over 1500 pre-written information security policies covering over 200 security topics. Based on the 25 year consulting experience of Charles Cresson Wood, CISSP, CISA, it is the most widely used policy library in the world, with over 10,000 customers in 60 countries. Take the work out of creating, writing, and implementing security policies.


Information Security Policies Made Easy has everything you need to build a robust security policy program, including:

Thirty-eight (38) essential sample information security policy documents:

  • Complete coverage of essential security topics including: Access Control Policy, Network Security Policy, Personnel Security, Information Classification, Physical Security, Acceptable Use of Assets, and many more.
  • All samples policies in our MS-Word Best Practices Policy Template. Customized in minutes!

Complete 1500+ information security policy statement library

  • 1500 individual pre-written security policies covering of the latest technical, legal and regulatory issues
  • ISO 17799:2005 (ISO 27002) outline format, allowing for easy gap-analysis against existing standards and security frameworks
  • Expert commentary discussing the risks mitigated by each policy
  • Target audience (management, technical, or user) and security environment (low, medium, high) for each policy
  • Policy coverage maps for PCI-DSS, NIST, ISO 27002, FFIEC and HIPAA-HiTECH security

Expert information security policy development advice and tools

  • A step-by-step checklist of security policy development tasks to quickly start a policy development project
  • Helpful tips and tricks for getting management buy-in for information security policies and education
  • Tips and techniques for raising security policy awareness
  • Real-world examples of problems caused by missing or poor information security policies
  • Essential policy compliance forms such as Risk acceptance memo, incident Reporting Form and Security Policy Compliance Agreement.

Comprehensive Information Security Policy Coverage

Information Security Policies Made Easy covers over 200 essential information security topics including:

  • Access Control
  • Acceptable Use
  • Application Development
  • Biometrics
  • Computer emergency response teams
  • Computer viruses
  • Contingency planning
  • Corporate Governance
  • Data Classification and Labeling
  • Data Destruction
  • Digital signatures
  • Economic Espionage
  • Electronic commerce
  • Electronic mail
  • Employee surveillance
  • Encryption
  • Firewalls
  • FAX communications
  • Incident Response
  • Identity Theft
  • Information Ownership
  • Information Security Related Terrorism
  • Internet
  • Local area networks
  • Intranets
  • Logging controls
  • Microcomputers
  • Mobile Devices
  • Network Security
  • Outsourcing security functions
  • Password Management
  • Personnel Screening and Security
  • Portable computers (PDA, Laptops)
  • Physical Security
  • Privacy issues
  • Security Roles and Responsibilities
  • Social Engineering (including “phishing”)
  • SPAM Prevention
  • Telecommuting
  • Telephone systems
  • Third Party Access
  • User security training
  • Web Site Security
  • Wireless Security
  • Voice Over IP (VOIP)
  • And many more!

Information Security Policies Made Easy, Version 13 is available for electronic download. Each product contains a print-ready PDF, MS-Word templates and an organization-wide license to republish the materials. (No physical CD or book).

SEE ALSO: Information Security Roles and Responsibilities Made Easy (version 3): Includes time-saving tools and practical, step-by-step instructions on how to develop and document specific information security responsibilities for over 40 different key organizational roles.

Click HERE for special pricing for both products purchased together!


You may also like…