§01
About this domain.
This directory contains organization-neutral information security governance artefacts released under CC BY-SA 4.0. The domain covers security governance, identity and access management, logging and monitoring, data classification, secure operations, incident response, vulnerability management, secure development, and technical control baselines.
§02
Documents.
35 documents in this domain. Each links to its source on GitHub, where the corpus is version-controlled and continuously gated.
- FrameworkCryptographic Key Lifecycle Management Framework↗
- FrameworkInsider Risk Programme Framework↗
- FrameworkZero Trust Architecture Framework↗
- PolicyAcceptable Use Policy↗
- PolicyAcceptance Into Service Policy↗
- PolicyBring Your Own Device (BYOD) Policy↗
- PolicyEncryption and Key Management Policy↗
- PolicyIdentity and Access Management Policy↗
- PolicyInformation Security Policy↗
- PolicyNetwork Communications Security Policy↗
- ProcedureAccess Control Procedure↗
- ProcedureCryptographic Key Operations Procedure↗
- ProcedureIT Onboarding and Offboarding Procedure↗
- ProcedureIdentity Management Procedure↗
- ProcedureKey Escrow and Recovery Procedure↗
- ProcedureSecurity Disciplinary Process Procedure↗
- ProcedureSecurity Incident Response Procedure↗
- ProcedureVulnerability Management Procedure↗
- RoadmapPost-Quantum Cryptography Readiness Roadmap↗
- SOPIncident Escalation Matrix↗
- SOPSecurity Ticket Reporting Scheme↗
- StandardAuthentication and Password Management Standard↗
- StandardData Classification and Handling Standard↗
- StandardData Loss Prevention Standard↗
- StandardEmail Security Standard↗
- StandardEndpoint Hardening Standard↗
- StandardLogging and Monitoring Standard↗
- StandardPenetration Testing and Red Team Standard↗
- StandardPersonnel Security Screening Standard↗
- StandardPrivileged Access Management Standard↗
- StandardRemote Working Security Standard↗
- StandardSaaS Security Posture Management Standard↗
- StandardSecurity Awareness and Training Standard↗
- StandardSecurity Operations Centre Operating Model Standard↗
- StandardThreat Modelling Standard↗