Templates

Policy templates you can actually use

Ready-to-adapt security and compliance policies, written by CERT-In empanelled auditors. Open any template, tailor it to your organisation, and save it as a PDF.

Governance
Information Security Policy

The top-level policy that sets your organisation’s commitment to protecting information and frames every other control.

Open template →
Access
Access Control Policy

Defines how identities, roles and permissions are granted, reviewed and revoked across your systems.

Open template →
Governance
Acceptable Use Policy

Sets the rules for how employees may use company systems, devices, networks and data.

Open template →
Access
Password & Authentication Policy

Standards for passwords, multi-factor authentication and credential handling.

Open template →
Operations
Incident Response Policy

How security incidents are detected, reported, contained, investigated and closed.

Open template →
Privacy
Data Protection & Privacy Policy

Internal policy for lawful, transparent handling of personal data — aligned with the DPDP Act.

Open template →
Risk
Third-Party / Vendor Risk Policy

How third parties with access to your data or systems are assessed and monitored.

Open template →
Privacy
Data Retention & Disposal Policy

Defines how long different data types are kept and how they are securely disposed of.

Open template →

Templates are starting points — tailor scope, roles and specifics to your environment. Want a policy set built and audited for you? Talk to our team.