An Information Security Policy (ISMS policy) is the foundation of an ISO 27001 implementation. This template gives you a complete base version that satisfies Annex A of ISO 27001:2022 and that you can adapt to your own organisation in a few hours.
1. Purpose of this policy
This policy describes how [organisation name] safeguards the confidentiality, integrity and availability of information. It applies to all employees, externals and systems that have access to information of [organisation name] or its customers.
2. Scope
This policy applies to: