Common Security Policy Library (CPL)

Comply with multiple information security and data privacy frameworks with a single set of comprehensive information security polices. Information Shield’s CPL enables compliance with ISO 27002, PCI-DSS, HIPAA/HiTECH, NIST CSF or any other framework using a single unified set of policy documents. CPL Security policy templates enable any organization to quickly develop information security policies that are both practical and enforceable.

Why a “common” approach to security policy?

Many organizations struggle to rationalize the complex requirements of various compliance frameworks such as ISO 27002, PCI-DSS, HIPAA/HiTECH, NIST and GDPR. In truth, however, most of these frameworks prescribe a common set of information security controls that would apply to any business. We have taken these requirements and distilled them into a single outline that can be adopted easily. The CPL framework is backed by pre-written information security policies covering every topic.


The Most Complete Security Policy Library Available

The Common Policy Library (CPL) contains over 1700 pre-written information security policies covering over 200 different information security topics. The CPL is organized in 16 different domains covering essential security topics including:

1. IT Risk Management
2. Security Policies and Procedures
3. Information Security Program
4. Asset Management
5. Information Management
6. Personnel Security Management
7. Third Party Security
8. Access Control Security

9. Network Security Management
10. Physical Security Management
11. Operations Security
12. Application Development
13. Incident Response Management
14. IT Business Continuity
15. Security Compliance and Audit
16. Employee & Customer Privacy

Regular Security Policy Updates

The Common Policy Library (CPL) is updated in response the latest technologies, threats, and regulatory changes. New technologies such as mobile devices, VOIP, portable storage (USB) and social media all create new threats to confidential information. Our security experts monitor the latest trends and update our library of information security policy and data privacy policies.

Time-Tested Information Security Policies

Information Security Policies Made EasyThe Common Policy Library is based on Information Security Policies Made Easy, by Charles Cresson Wood. Our policies, tools and templates are written by seasoned information security professionals and have been battle-tested in over 10,000 organizations from over 60 different countries.

Still not convinced?  Contact us for a free sample security policy.