Policy Templates

Security Policies, Information Security Policies, Cyber Security Policies, IT Security Policies.

Altius IT Policy Collection

Over 180 policies, procedures, plans, and forms to help you meet security and compliance requirements

star star star star star
Exceptional Satisfaction Rating
4.8 out of 5

Security Policy Templates


Silver Collection

180+ documents without Altius IT updates
You keep the Collection updated by:

Monitoring changes to security best practices and compliance requirements

Updating the Collection as a result of changes in security and compliance requirements

Adding new documents as a result of changes and modifications to security and compliance

Most Popular

Gold Collection

180+ documents with 1 yr. free Altius IT updates
Altius IT keeps the Collection updated:

Altius IT monitors changes to security best practices and compliance requirements


Altius IT updates the Collection as a result of changes in security and compliance requirements


Altius IT adds documents to the Collection as a result of changes and modifications to security and compliance

Not Sure yet?
check out samples before buying
Resellers please contact us via e-mail for information on our reseller program.
Comprehensive Policy Collection

Complete package with over 180 policies, procedures, plans, and forms to help you meet security and compliance requirements.

Meets Security and Compliance Requirements

We've done the work for you: COBIT, GDPR, HIPAA, ISO, NIST, PCI, and others (compliance matrix).

Comprehensive Collection

Collection includes network security, compliance, and risk management (complete list of documents).

Exceptional Satisfaction Rating
star star star star star

4.8 out of 5

Easy access
Subscription Updates

Subscription updates are available to keep your collection up-to-date. Gold Collection members receive free updates for 1 year. Gold Collection Members may optionally renew in future years for only $250* per year.

Immediate Access

Once you make your purchase we will e-mail you a link to download the collection.

Fully Customizable

Fully customizable Word docs in an attractive format.

Complete and Ready to Go

Just insert your organization's name ( sample policy).

Best Choice
Created by Certified Auditors

Certified by the Information Systems Audit and Control Association

No Conflicts

No software to download or install. (Frequently asked questions, Payment options, and Terms and Conditions).

Cost Effective

No need to hire a security consultant. Save time and money.

Industry Experts

Over 25 years of policies and IT security and compliance audits. Featured on national television and in over 40 publications (In the News).

Client Testimonials

Read what our customers tell about us
We have used your policies for over 5 years. We are a fan!
profile Mark Anderson
Chief Technology Officer
star star star star star
Your policy templates are very helpful. They were easy to customize to meet our specific needs.
profile John Thompson
IT Director
star star star star star
We develop cloud software applications. Clients frequently ask us about our security and your policy collection helps us meet their requirements.
profile Rick Wilson
Lead Developer
star star star star star
Your templates are complete and it was fast and easy to meet compliance requirements. We chose the Gold collection to keep our policies up-to-date.
profile Paul Webber
Chief Risk Officer
star star star star star
Management asked me to research IT policies. I found your collection and was glad I did. Not only did it include the policies to get us started, but it also included documents that will help us in the future.
profile Joe Johnson
Network Administrator
star star star star star

Policy Templates

All documents listed below are included with your purchase

Security Policy (listed under Security Governance) is the highest level policy document that provides overall security guidance and direction. This document refers to other policy and plan documents listed below. Alternatively, the Cybersecurity Framework Policy can be used as your highest level policy document.

Network Security
Network Security Policies & Plans

Acceptable Use Policy
Access Control Policy
Access Control Procedure
Account Management Policy
Acquisition and Procurement Policy
Admin Special Access Policy
Anti-Malware Policy
Anti-Malware Procedure
Asset Management Policy
Audit Trails Policy
Backup Plan
Backup Policy
Backup Procedure
Bluetooth Policy
Certification and Accreditation Policy
Change Management Policy
Change Management Procedure
Configuration Management Plan
Configuration Management Policy
Data Analytics Policy
Data Integrity Policy
Data Marking Policy
Data Privacy Policy
Data Retention Policy
Database Security Policy
Disposal Policy
Domain Controller Policy
Domain Name System Policy
E-commerce Policy
Encryption Policy
Engineering Trustworthy Secure Systems Policy
Facility Security Plan
Firewall Hardening Procedure
Firewall Policy
Firewall Procedure
Guest Access Policy
Hardware and Software Maintenance Policy
Hardware and Software Maintenance Procedure
Identification and Authentication
Internet Connection Policy
Logging Policy
Logging Procedure
Logical Access Controls Policy
Media Protection Policy
Network Address Policy
Network Configuration Policy
Network Documentation Policy
Network Security Policy
Password Policy
Patch Management Policy
Patch Management Procedure
Personnel Security Policy
Physical Access Policy
Physical Security Policy
Planning Policy
Problem Management Policy
Problem Management Procedure

Compliance Policies and Plans

Audit Policy
Clear Desk Policy
Compliance Policy
Compliance and Standards Matrix
Data Privacy Policy
Data Privacy and Protection Policy
Ethics Policy
GDPR EU Privacy and Data Protection
Genetic Data Privacy Policy
Health Safety Policy
Identity Theft Protection Policy
Outsourcing Policy
PCI Policy
PII Processing Transparency Policy
Privacy Policy (CCPA, CPRA, & others)
Protecting CUI NIST 800-171 Policy
Security Awareness and Training Plan
Security Awareness and Training Policy
Security Controls Review Policy
Security Privacy Controls NIST 800-53 Policy
System Controls SOC2 Policy
Third Party Service Providers Policy
Vulnerability and Penetration Testing
Web Site Privacy Policy

Security Governance

Artificial Intelligence Policy
Bring Your Own Device & Technology
Business Secrets Policy
Context and Alignment Policy
Corporate IT Policy
Cybersecurity Policy
Cybersecurity Framework Policy
Documentation Policy
E-mail Policy
Environmental, Social, and Governance Policy
Green Computing Policy
IT Governance Policy
IT Management Policy
Information Security Policy
Mass Communication Policy
Mergers and Acquisitions Policy
Mobile Device Policy
Portable Computing Policy
Production Input Output Controls Policy
Release Management Policy
Remote Work Policy
Reporting Violations Policy
Security Policy (highest level document)
Smartphone Policy
Social Networking Policy
Staff Security Policy
Staffing Policy
Standard Operating Procedure Policy
Cybersecurity Supply Chain Risk Management Policy
System and Communications Protection Policy
System and Information Integrity Policy
System and Services Acquisition Policy
Wearable Computing Device Policy

Risk Management
Risk Management Policies

Business Impact Analysis Policy
Data Classification Policy
Quality Assurance Policy
Risk Assessment Policy
Risk Management Policy
Security Self Assessment Policy

Incident Response Policies & Plans

Identity Theft Protection Policy
Incident Response Plan
Incident Response Policy
Intrusion Detection Policy

Business Continuity Policies & Plans

Business Continuity Communications
Business Continuity Disaster Recovery
Business Continuity Department Plan
Business Continuity Plan
Business Continuity Policy
Business Continuity Resumption Plan
Resilience Policy

Application Security Policies

Application Implementation Policy
Approved Application Policy
Secure Software Development Lifecycle
Software Development Policy
Web Site Policy


Asset Transfer Form
Audit Log Form
Backup Log Form
Business Impact Analysis Questionnaire
Change Management Log Form
Daily Network Checklsit Form
Incident Response Form
I.S. Access Request Form
I.S. Log Form
Problem Management Form
Third Party Service Provider Log Form


Business Associate Agreement
Non-disclosure Agreement

Frequently asked questions

The Silver Collection includes over 180 information systems security policies, plans, and forms. The Altius IT Gold Collection includes everything in the Silver Collection plus you automatically receive one year of free updates to existing policies, procedures, plans, and forms as well as any new documents created by our experts. In the future, Gold Collection members have the option of paying $250* per year to keep their collection up-to-date.

Each organization has different needs. We provide the best value by offering you a choice of options. By purchasing the Altius IT Gold Collection, you will automatically receive one year of free updates to existing security policy documents as well as new policies created by our experts. In future years you have the option of keeping your collection up-to-date through our subscription service. We will notify you when your subscription is coming up for renewal and you may cancel at any time.

The Altius IT Policy Collection is a Collection of IT policies, procedures, plans, and forms with an emphasis on security, privacy, and compliance. Each document has a consistent look and feel and is provided as a separate Microsoft Word file. This gives you the flexibility of only rolling out the documents needed by your organization.

Yes. We provide over 180 information security policy templates specifically designed to enhance your security posture by implementing controls to reduce security and privacy risks. Instead of assembling all policies in one large document, the Altius IT Policy Collection provides you with separate policy documents that are easier to maintain and distribute to your relevant staff. For example, web developers should receive software development related policies while network administrators should receive network infrastructure related policies (e.g. Firewall Policy, Server Hardening Policy, etc.). Please see above for the actual names of the IT policy templates included with our collection.

Yes. The Collection was developed by our experts after many years of performing security audits. The Altius IT Policy Collection was developed to help organizations meet security best practices, security policy standards, and compliance requirements. If you are looking for a security policies template, information policies, information security policy, cyber security policy, IT policies and procedures, or password security policies, our Collection can help you.

We make available one sample policy for your review. All documents have the same attractive format and the content within each document is customized to a specific subject. For example, the Password Policy addresses password and authentication requirements and controls.

Unfortunately, no. The Collection was developed to help organizations meet security and compliance requirements. Even if you only need a few documents to start, you will likely need more policies, plans, and forms as you grow or when requested by your clients, customers, and other entities.

We require full payment at the time of purchase. In the end, we believe that the Altius IT Policy Collection will generate revenue for your organization by helping you acquire more clients, customers, and other entities that are concerned about security and privacy.

Once we receive your payment, we will e-mail you instructions to download the Collection of security policies templates.

It depends upon how frequently legislative changes are enacted and/or changes are made to security best practices. Typically we release two or three sets of updates per year. The advantage to you is that you don't need to monitor legislation and standards for changes. We do the work for you and will automatically notify you when updates are ready to be downloaded.

If you purchase the Silver Collection, no updates are provided and you are responsible for keeping the Collection up-to-date to meet security and compliance requirements. If you purchase the Gold Collection no action is needed on your part. We automatically e-mail you the updates as soon as they are available. In future years you have the option to continue to renew the updates for $250* per year.

Simply send us an e-mail and let us know your old information and the new information. The Collection is licensed to an organization so we won't be able to transfer the license to a new organization or other entity.

Please send us an e-mail and we will evaluate your request. If we believe your request will add value, we will develop the document and add it to our Collection. Gold Collection members will receive the new document at no additional charge during their subscription period.

The Collection is designed to be easy to use and implement. We offer limited support by e-mail as well as support on a retainer basis for organizations that need additional support or assistance. Please e-mail us for more information.

Payment Options

credit-card Credit/Debit Card

Altius IT accepts most major credit and debit cards. To pay by payment card select either our Silver or Gold collection.

Select service
credit-card PayPal

Altius IT accepts payment by PayPal.

Select service
shopping-bag Purchase Order

Contact us for instructions to acquire the Altius IT Policy Collection using your organization's Purchase Order.

bank Bank Wire

Organizations outside of the United States may want to contact us for instructions to wire funds to our bank account.

Estimates- need an Estimate or Quote prior to purchase? Silver Collection Estimate without updates or Gold Collection Estimate with 1 year of free updates.

Terms and Conditions

verified If You Want a "Security Audit"
You Need a Certified Auditor.
Certified Information Systems Auditors

Unlike a security consultant, Altius IT is certified as a Certified Information Systems Auditor to perform a security audit of your environment and issue reports and recommendations to secure your systems. After your audit, Altius IT's Auditor Opinion Letter and Secure Seal let your clients and prospects know you meet security best practice/compliance requirements.

See our In the News page for video clips of our experts on national television as well as over 40 publications featuring Altius IT. In addition to our auditor certifications we hold many security, technical, and project management credentials. More information is available on our About Us page.

Our comprehensive audit service uncovers gaps in your existing defenses so that you can better:

  • Fortify your information systems, applications, and network infrastructure
  • Comply with regulatory requirements
  • Protect your valuable assets