Overview
This framework guides your organization to agree on well-defined objectives for strategy and security of information. A set of digital security policies aimed to help you improve your digital safety and resiliency, and also promote digital rights and privacy for all, in Jordan and around the globe.
Information security focuses on three main objectives:
Confidentiality— considers proper authorization to access and use assetsIntegrity— considers data integrity and authenticityAvailability— considers ease of access to information or systems when necessary
Grouped and categorized you will find a set of policies that you may use as a basis to develop your own tailored set of policies.
A Digital Security Policy or Policy in this context identifies the rules and procedures for all individuals accessing and using an organization's IT assets and resources. Effective security is ensured by deploying and enforcing of such policies in the workplace and for all employees.
Every Policy consists of four different sections:
Objectives- what the policy aims to accomplish?Scope- who, what, and when this policy applies.Conditions- list of goals needed to accomplish our desired aims.Compliance Rules- list of responsibilities for compliance and actions to be taken in the event of noncompliance.
Free use disclaimer
This policy was created by the Jordan Open Source Association (JOSA) for the Internet community.
All or parts of this framework can be freely used for your organization.
There is no prior approval required.
?> Looking to contribute? Read the contribution guide.
Revisions
| Revision | Description | Date | Tag |
|---|---|---|---|
| 1.11 | The initial revision | 07/03/2022 | TID |
| 1.22 | The initial revision | 20/04/2022 | TID |
Notation
To better reference policy components in this toolkit we use the following notation systems.
Policies
Every Policy is denoted as CXPY where:
Xis a number which denotes the category of the digital policyYis a number which denotes the policy in that category
Conditions
Every Condition is denoted as CXPY.CZ where:
Xis a number which denotes the category of the digital policyYis a number which denotes the policy in that categoryZis a number which denotes the condition for that policy
Complience Rules
Every Complience Rule is denoted as CXPY.CRZ where:
Xis a number which denotes the category of the digital policyYis a number which denotes the policy in that categoryZis a number which denotes the condition rule for that policy