HomeCIS Critical Security ControlsPolicy Templates

Policy Templates


CIS assembled a working group of policy experts to develop the information security policy templates. These policy templates align with CIS Controls v8 and v8.1, enabling enterprises to formalize their efforts around addressing the Safeguards in Implementation Group 1 (IG1). They cater exclusively to IG1 Safeguards; they do not address Implementation Group 2 (IG2) or Implementation Group 3 (IG3) Safeguards.

Learn More


Available Policy Templates

Acceptable Use Policy Template for the CIS Controls

This template can assist an enterprise in developing acceptable use for the CIS Controls.
Download the template

Enterprise Asset Management Policy Template for CIS Control 1

This template can assist an enterprise in developing an enterprise asset management policy.
Download the template

Software Asset Management Policy Template for CIS Control 2

This template can assist an enterprise in developing a software asset management policy.
Download the template

Data Management Policy Template for CIS Control 3

This template can assist an enterprise in developing a data management policy.
Download the template

Secure Configuration Management Policy Template for CIS Control 4, 9, and 12

This template can assist an enterprise in developing a secure configuration management policy.
Download the template

Account and Credential Management Policy Template for CIS Controls 5 and 6

This template can assist an enterprise in developing an account and credential management policy.
Download the template

Vulnerability Management Policy Template for CIS Control 7

This template can assist an enterprise in developing a data management policy.
Download the template

Audit Log Management Policy Template for CIS Control 8

This template can assist an enterprise in developing an audit log management policy.
Download the template

Malware Defense Policy Template for CIS Control 10

This template can assist an enterprise in developing a malware defense policy.
Download the template

Data Recovery Policy Template for CIS Control 11

This template can assist an enterprise in developing a data recovery policy.
Download template

Security Awareness Skills Training Policy Template for CIS Control 14

This template can assist an enterprise in developing a security awareness skills training policy.
Download template

Service Provider Management Policy Template for CIS Control 15

This template can assist an enterprise in developing a service provider management policy.
Download the template

Incident Response Policy Template for CIS Control 17

This template can assist an enterprise in developing an incident response policy.
Download template

 

 


Get the Latest Version of the CIS Controls

Download CIS Controls v8.1

Need Support?

Email us with any questions you might have at [email protected].

 

Information Hub

CIS Controls

White Paper07.30.2024
CIS Controls v8.1 Mapping to HPH CPGs
Read More
Blog Post07.29.2024
See How Realistic Cyber Defense Is in a New Trailhead Course
Read More
White Paper07.29.2024
CIS Critical Security Controls v8.1 Industrial Control Systems (ICS) Guide
Read More
White Paper07.23.2024
CIS Controls v8.1 Mapping to CSA Cloud Controls Matrix v4
Read More