This framework guides your organization to agree on well-defined objectives for strategy and security of information. A set of digital security policies aimed to help you improve your digital safety and resiliency, and also promote digital rights and privacy for all, in Jordan and around the globe.
Information security focuses on three main objectives:
Confidentiality
— considers proper authorization to access and use assetsIntegrity
— considers data integrity and authenticityAvailability
— considers ease of access to information or systems when necessary
Grouped and categorized you will find a set of policies that you may use as a basis to develop your own tailored set of policies.
A Digital Security Policy
or Policy
in this context identifies the rules and procedures for all individuals accessing and using an organization's IT assets and resources. Effective security is ensured by deploying and enforcing of such policies in the workplace and for all employees.
Every Policy
consists of four different sections:
Objectives
- what the policy aims to accomplish?Scope
- who, what, and when this policy applies.Conditions
- list of goals needed to accomplish our desired aims.Compliance Rules
- list of responsibilities for compliance and actions to be taken in the event of noncompliance.
Free use disclaimer
This policy was created by the Jordan Open Source Association (JOSA) for the Internet community.
All or parts of this framework can be freely used for your organization.
There is no prior approval required.
?> Looking to contribute? Read the contribution guide.
Revision | Description | Date | Tag |
---|---|---|---|
1.11 | The initial revision | 07/03/2022 | TID |
1.22 | The initial revision | 20/04/2022 | TID |
To better reference policy components in this toolkit we use the following notation systems.
Every Policy
is denoted as CXPY
where:
X
is a number which denotes the category of the digital policyY
is a number which denotes the policy in that category
Every Condition
is denoted as CXPY.CZ
where:
X
is a number which denotes the category of the digital policyY
is a number which denotes the policy in that categoryZ
is a number which denotes the condition for that policy
Every Complience Rule
is denoted as CXPY.CRZ
where:
X
is a number which denotes the category of the digital policyY
is a number which denotes the policy in that categoryZ
is a number which denotes the condition rule for that policy