Auditor-Built Policy Templates

Altius IT Policy Collection

Pass security audits & client reviews without writing policies from scratch. 180+ auditor-built security & compliance policy templates aligned to NIST, ISO, HIPAA, PCI, COBIT, GDPR, and more.

Get Audit-Ready Policies View All Templates

Trusted by IT Directors, CTOs, Compliance Officers, MSPs, and SaaS Companies

Trusted by 500+ organizations across healthcare, finance, technology, and government

4.8 / 5 Exceptional Satisfaction Rating
IT Policy Templates

Get Audit-Ready Policies Now

Choose the collection that fits your organization's needs. Both include 180+ policies, plans, and forms.

Silver Collection

180+ documents without Altius IT updates

$595 USD
180+ policies, plans & forms
Fully customizable Word docs
Immediate download access
You monitor compliance changes
You update documents yourself
Buy Silver Collection
Most Popular

Gold Collection

180+ documents with 1 year free Altius IT updates

$750 USD
Everything in Silver
Altius IT monitors compliance changes
Automatic updates for 1 year
New documents added automatically
Renew for $250/year after first year
Buy Gold Collection
PayPal and other payment options

Not Sure Yet?

Check out samples before buying

Policy Templates List Sample Policy Compliance Matrix

Resellers please contact us via e-mail for information on our reseller program.

Why Choose Our Collection

Everything You Need to Be Audit-Ready

Comprehensive Collection

180+ Policy Documents

Complete package with over 180 policies, procedures, plans, and forms to help you meet security and compliance requirements.

Meets Compliance Requirements

Aligned to COBIT, GDPR, HIPAA, ISO, NIST, PCI, and others (compliance matrix).

Network, Compliance & Risk

Collection covers network security, compliance, and risk management (complete list of documents).

Exceptional Satisfaction

4.8 out of 5 — rated by IT directors, CTOs, and compliance officers.

Easy Access

Subscription Updates

Gold Collection members receive free updates for 1 year. Optionally renew for only $250/year after that.

Immediate Access

Once you make your purchase we will e-mail you a link to download the collection.

Fully Customizable

Fully customizable Word docs in an attractive, professional format.

Complete and Ready to Go

Just insert your organization's name (sample policy).

Best Choice

Created by Certified Auditors

Certified by the Information Systems Audit and Control Association.

No Conflicts

No software to download or install. Simple Word documents you can use immediately.

Cost Effective

No need to hire a security consultant. Save time and money.

Industry Experts

Over 30 years of IT security and compliance audits. Featured on national television and in over 40 publications.

Client Testimonials

What Our Customers Say

We have used your policies for over 5 years. We are a fan!
Mark Anderson
Chief Technology Officer
Your policy templates are very helpful. They were easy to customize to meet our specific needs.
John Thompson
IT Director
We develop cloud software applications. Clients frequently ask us about our security and your policy collection helps us meet their requirements.
Rick Wilson
Lead Developer
Your templates are complete and it was fast and easy to meet compliance requirements. We chose the Gold collection to keep our policies up-to-date.
Paul Webber
Chief Risk Officer
Management asked me to research IT policies. I found your collection and was glad I did. Not only did it include the policies to get us started, but it also included documents that will help us in the future.
Joe Johnson
Network Administrator
Complete Document List

Policy Templates

All documents listed below are included with your purchase.

Security Policy (listed under Security Governance) is the highest level policy document that provides overall security guidance and direction. Alternatively, the Cybersecurity Framework Policy can be used as your highest level policy document.

Network Security

Network Security Policies & Plans
Acceptable Use Policy
Access Control Policy
Access Control Procedure
Account Management Policy
Acquisition and Procurement Policy
Admin Special Access Policy
Anti-Malware Policy
Anti-Malware Procedure
Asset Management Policy
Audit Trails Policy
Backup Plan
Backup Policy
Backup Procedure
Bluetooth Policy
Certification and Accreditation Policy
Change Management Policy
Change Management Procedure
Configuration Management Plan
Configuration Management Policy
Data Analytics Policy
Data Integrity Policy
Data Marking Policy
Data Privacy Policy
Data Retention Policy
Database Security Policy
Disposal Policy
Domain Controller Policy
Domain Name System Policy
E-commerce Policy
Encryption Policy
Engineering Trustworthy Secure Systems Policy
Facility Security Plan
Firewall Hardening Procedure
Firewall Policy
Firewall Procedure
Guest Access Policy
Hardware and Software Maintenance Policy
Hardware and Software Maintenance Procedure
Identification and Authentication
Internet Connection Policy
Logging Policy
Logging Procedure
Logical Access Controls Policy
Media Protection Policy
Network Address Policy
Network Configuration Policy
Network Documentation Policy
Network Security Policy
Password Policy
Patch Management Policy
Patch Management Procedure
Personnel Security Policy
Physical Access Policy
Physical Security Policy
Planning Policy
Problem Management Policy
Problem Management Procedure
Program Management Policy
Procedure Template
Ransomware Policy
Receipt & Acknowledgement
Remote Access Policy
Removable Media Policy
Router Security Policy
Securing Information Systems Policy
Securing Sensitive Information Policy
Security Architecture Policy
Security Monitoring Policy
Server Certificates Policy
Server Hardening Policy
Server Hardening Procedure
Software Licensing Policy
System Security Plan
System Update Policy
Terms and Definitions Policy
User Privilege Policy
Vendor Access Policy
VPN Policy
Wireless Access Policy
Workstation Hardening Procedure
Workstation Security Policy

Compliance

Compliance Policies & Plans
Audit Policy
Clear Desk Policy
Compliance Policy
Compliance and Standards Matrix
Conflict of Interest Policy
Data Privacy Policy
Data Privacy and Protection Policy
Ethics Policy
GDPR EU Privacy and Data Protection
Genetic Data Privacy Policy
Health Safety Policy
HIPAA and HITECH Policy
HITRUST Policy
Identity Theft Protection Policy
Outsourcing Policy
PCI Policy
PII Processing Transparency Policy
Privacy Policy (CCPA, CPRA, & others)
Protecting CUI NIST 800-171 Policy
Security Awareness and Training Plan
Security Awareness and Training Policy
Security Controls Review Policy
Security Privacy Controls NIST 800-53 Policy
System Controls SOC2 Policy
Third Party Service Providers Policy
Vulnerability and Penetration Testing
Web Site Privacy Policy
Security Governance
AI Action Plan
AI Provider Policy
AI Use Policy
Artificial Intelligence Policy
Bring Your Own Device & Technology
Business Secrets Policy
Context and Alignment Policy
Corporate IT Policy
Cybersecurity Policy
Cybersecurity Framework Policy
Cybersecurity Supply Chain Risk Management Policy
Documentation Policy
E-mail Policy
Environmental, Social, and Governance Policy
Green Computing Policy
IT Governance Policy
IT Management Policy
Information Security Policy
Mass Communication Policy
Mergers and Acquisitions Policy
Mobile Device Policy
Portable Computing Policy
Production Input Output Controls Policy
Release Management Policy
Remote Work Policy
Reporting Violations Policy
Security Policy (highest level document)
Smartphone Policy
Social Networking Policy
Staff Security Policy
Staffing Policy
Standard Operating Procedure Policy
System and Communications Protection Policy
System and Information Integrity Policy
System and Services Acquisition Policy
Wearable Computing Device Policy

Risk Management

Risk Management Policies
Business Impact Analysis Policy
Data Classification Policy
Quality Assurance Policy
Risk Assessment Policy
Risk Management Policy
Security Self Assessment Policy
Incident Response Policies & Plans
Identity Theft Protection Policy
Incident Response Plan
Incident Response Policy
Intrusion Detection Policy
Business Continuity Policies & Plans
Business Continuity Communications
Business Continuity Disaster Recovery
Business Continuity Department Plan
Business Continuity Plan
Business Continuity Policy
Business Continuity Resumption Plan
Resilience Policy
Application Security Policies
Application Implementation Policy
Approved Application Policy
Secure Software Development Lifecycle
Software Development Policy
Web Site Policy
Forms
Asset Transfer Form
Audit Log Form
Backup Log Form
Business Impact Analysis Questionnaire
Change Management Log Form
Daily Network Checklist Form
Incident Response Form
I.S. Access Request Form
I.S. Log Form
Problem Management Form
Third Party Service Provider Log Form
Agreements
Business Associate Agreement
Non-disclosure Agreement
FAQ

Frequently Asked Questions

The Silver Collection includes over 180 information systems security policies, plans, and forms. The Gold Collection includes everything in the Silver Collection plus one year of free updates and any new documents created by our experts. Gold members may renew for $250/year.

Each organization has different needs. We provide the best value by offering you a choice of options. By purchasing the Gold Collection, you will automatically receive one year of free updates to existing documents as well as new policies created by our experts. In future years you have the option of keeping your collection up-to-date through our subscription service.

The Altius IT Policy Collection is a collection of IT policies, procedures, plans, and forms with an emphasis on security, privacy, and compliance. Each document has a consistent look and feel and is provided as a separate Microsoft Word file, giving you the flexibility of only rolling out the documents needed by your organization.

Yes. The Collection was developed by our experts after many years of performing security audits. It was designed to help organizations meet security best practices, security policy standards, and compliance requirements including HIPAA, NIST, ISO, PCI, GDPR, and many others.

We make available one sample policy for your review. All documents have the same attractive format and the content within each document is customized to a specific subject.

Unfortunately, no. The Collection was developed to help organizations meet security and compliance requirements. Even if you only need a few documents to start, you will likely need more policies, plans, and forms as you grow or when requested by clients and other entities.

We require full payment at the time of purchase. We believe that the Altius IT Policy Collection will generate revenue for your organization by helping you acquire more clients and entities that are concerned about security and privacy.

Once we receive your payment, we will e-mail you instructions to download the Collection of security policy templates.

It depends on how frequently legislative changes are enacted and/or changes are made to security best practices. Typically we release two or three sets of updates per year. We do the work for you and will automatically notify you when updates are ready.

Silver Collection purchasers are responsible for keeping the Collection up-to-date. Gold Collection members receive automatic updates via e-mail as soon as they are available. In future years you may renew updates for $250/year.

The Collection is designed to be easy to use and implement. We offer limited support by e-mail as well as support on a retainer basis for organizations that need additional assistance.

Purchase

Payment Options

Credit/Debit Card

Altius IT accepts most major credit and debit cards. Select either our Silver or Gold collection to proceed.

Select service

PayPal

Altius IT accepts payment by PayPal.

Select service

Purchase Order

Contact us for instructions to acquire the Altius IT Policy Collection using your organization's Purchase Order.

Contact Us

Bank Wire

Organizations outside of the United States may want to contact us for instructions to wire funds to our bank account.

Contact Us
Estimates — Need an estimate or quote prior to purchase? Silver Collection Estimate without updates or Gold Collection Estimate with 1 year of free updates.

Terms and Conditions

  • The Altius IT Policy Collection (Products) includes IT security and privacy policy templates that can be customized to your specific needs. By purchasing the Products, you agree to the terms and conditions of Altius IT's License Agreement.
  • You agree to provide us with your organization's name and contact information so that you are properly licensed.
  • No refunds. Credit can be applied to our audit, assessment, and consulting services if you are unhappy with the Products.
  • Altius IT reserves the right to change or modify these Terms and Conditions at any time.

Ready to Secure Your Organization?

Schedule a free consultation with our CISA-certified auditors. We will help you choose the right audit for your organization and provide a clear path to stronger security.

Free Consultation (714) 794-5210