Organizational Policy Review
Summary
Purpose
Guiding Questions
Operational Security
Preparation
Outputs
References and resources for Organizational Policy Review
-
Policy Templates Organizational Security Policies - Template (AccessNow; Available in English and Spanish)
-
Policy Templates Defenders Protocol (Open Briefing, Available in 27 languages).
-
Policy Generator SOAP Policy Builder for civil society/media organizations.
-
Policy Templates and Process SAFE AND DOCUMENTED FOR ACTIVISM (English, Spanish; focused on activist organizations)
-
Policy Templates Information Security Policy Templates (SANS)
-
Meta-Framework Cybersecurity Framework (NIST)
-
Guide: "Mitigation Recommendation" (NIST SP 800-115)
-
Overview: "How Is Risk Managed?" (An Introduction to Information System Risk Management)
-
Book: "Digging Deeper into Mitigations - p. 130" (Threat Modeling - Adam Shostack)[^shostack]
Organizational Policies:
Recommendation Development: