Common Information Security Policy Library (CPL)

Comply with multiple information security and data privacy frameworks with a single set of comprehensive information security polices. Information Shield’s CPL enables compliance with ISO 27002, PCI-DSS, HIPAA/HiTECH, NIST CSF or any other framework using a single unified set of policy documents. CPL Security policy templates enable any organization to quickly develop information security policies that are both practical and enforceable.

Why a “common” approach to security policy?

Common Security Policy Library

Many organizations struggle to rationalize the complex requirements of various compliance frameworks such as ISO 27002, PCI-DSS, HIPAA/HiTECH, NIST and GDPR. However, most of these frameworks prescribe a common set of information security controls that would apply to any business. We have distilled these requirements into a single common security control outline that can be adopted and mapped easily. The CPL framework is backed by pre-written information security policies covering every topic.  

The Most Complete Security Policy Library Available

The Common Policy Library (CPL) contains over 1700 pre-written information security policies covering over 200 different information security topics. The CPL is organized in 16 different domains covering essential security topics including:


1. IT Risk Management

2. Security Policies and Procedures

3. Information Security Program

4. Asset Management

5. Information Management

6. Personnel Security Management

7. Third Party Security

8. Access Control Security



9. Network Security Management

10. Physical Security Management

11. IT Operations Security Policy

12. Application Development

13. Incident Response Management

14. IT Business Continuity

15. Security Compliance and Audit

16. Employee & Customer Privacy

Regular Security Policy Updates

The Common Policy Library (CPL) is updated in response the latest technologies, threats, and regulatory changes. New technologies such as mobile devices, VOIP, portable storage (USB) and social media all create new threats to confidential information. Our security experts monitor the latest trends and update our library of information security policy and data privacy policies.

Time-Tested Information Security Policies

The Common Policy Library is based on Information Security Policies Made Easy, by Charles Cresson Wood. Our policies, tools and templates are written by seasoned information security professionals and have been battle-tested in over 10,000 organizations from over 60 different countries. Still not convinced?  Contact us for a free sample security policy.